This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

DNS Application uses more DP CPU utilization

Hi, We are facing issue with DNS Application, it uses more DP CPU Utilization 60 to 70%.We have done DNS Application override but no luck. Please find the DNS Session details below. Mem-Pool-Type MaxSz(KB) Threshold MinSz(KB) CurSz(B) Cur.Alloc Total-Alloc Fail-Thresh Fail-Nomem Local-Reuse(cache)dns 2048 80023 1024 830152 10012 279410 0 0 23472...

Clear text traffic to DLP

What do you guys do to send clear text or SSL decrypted traffic over to a nDLP for further action? In my case, the nDLP only support ICAP in order for it to accept traffic from its peering devices. Since PAN doesn't support ICAP at all and I am in search of an alternate solution. Thx!

rKarki by L1 Bithead
  • 2744 Views
  • 1 replies
  • 0 Likes

Resolved! cannot find matching phase-2 tunnel for received proxy ID

We have a site to site VPN setup that was allowing one IP. On the ipsec tunnel sec proxy-id allow local (10.1.2.1/32) which was working just fine.We had to recently allow two more IP's 10.1.2.20 and 10.1.2.75. I Changed the ipsec tunnel sec proxy-id local to 10.1.2.0/32 to allow a range. When we made this change the VPN is enabled, but we are ...

bino150 by Not applicable
  • 35693 Views
  • 7 replies
  • 1 Likes

Fighting the cli ... sigh - how to import a cert via the cli

Hi So, silly me I manage my cert in panorama, so when my int CA for my management ports came up for renewal, i renewed, and pushed out to all the devices ... except for my panorama 😞now I have cli access only.I have found the location configurepanorama certificate but when it comes time to add my multiline public key ... it will not take multil...

Internal Gateway configuration problem

I'm using PA-3220 firewall.Ethernet 1/1,1/2,1/3,1/4 is connected to main switch, Cisco AP, Internal router and server 10Gb switch. I setup a GlobalProtect internal gateway for using User-ID and used vlan 1 (192.168.1.2) as the gateway and Portal's IP. When I used GlobalProtect to connect the Portal (192.168.1.2), it shows “Connection Failed – Pl...

Use Google Apps as User-ID Identity Source

Fellow Engineers - Wondering if there is a way to integrate User-ID with Google Apps, such that a school that has deployed Chromebooks can use the students' existing Google login IDs to identify the users on the Chromebooks. Does anyone know if this is possible, and if so, how to enable it? Thanks!

Authentication Sequence not working

Hi All, I have successfully tested Authentication policy using LDAP, MFA (Okta API), SAML and RADIUS (Okta). I am working on the redundancy scenarios wherein if Okta fails, the fallback would be LDAP. I am using RADIUS (Okta) and LDAP in the Authentication Sequence. I am however unable to get the LDAP (Active Directory) fallback working. I am si...

Chromebooks user-id ?

Has anyone tried to get a userid authentication from users with Chromebooks? We are evaluating Chromebooks to be used in a laptop cart setting in our school. I don't want to fall back to a portal login if there is any way I can get a current user off the chromebook via the chromebook/google apps login session they will be using.If it helps, I ...

Resolved! Alert mail for threat detection

Hello all, I try to set up alert mail to prevent when my PA220 detects an threat (inboud attack for example). I configured scheduled PDF reports (daily and weekly) but I want also be informed instantly when a threat is detecting ? It is possible ? Thank you in advance for your help.

feelgood by L2 Linker
  • 5718 Views
  • 5 replies
  • 0 Likes

Resolved! Terminal Server Agent port redirection

We are having some issues regarding the port redirection when combined with third party program. This program brings up a TCP listening port that TS Agent redirect to the designated port in the default range (20000-39999) but the program doesn't notice this redirection and keeps trying to stablish the connection on the non-redirected port (i.e:...

patsa.png

Resolved! MineMeld install Error on Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-174-generic x86_64) - VMware vsphere

Hi community, I have followed this instruction https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-Install-MineMeld-on-Ubuntu-16-04/ta-p/253336 to install MineMeld on the Ubuntu 16.04 server. All steps are good except the last step Checking if MineMeld running. I did the command and got the message$ sudo -u minemeld /opt/minemeld/en...

tienngo by L2 Linker
  • 4104 Views
  • 1 replies
  • 0 Likes

Troubleshoot VM Panorama with multiple interfaces

Hi All, We have few virtual Panoramas running 8.1 that are needs to managed firewalls into two different zones with no connection between them. For that reason we have configured the Panorama with multiple interface.- The mgmt interface in used for access to the Panorama as well as managing some if the firewalls- Eth1/1 interface is used for man...

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks