This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Question on removing Panorama template from firewall

Hi All, We have an active firewall with Panorama policies still applied in a read only state- unfortunately the panorama server no longer exists with the local firewall having no connection back to a serverWe wish to remove the panorama settings on firewall but still keep Panorama policies in the local configuration. From the KB article it stat...

HGreen by L0 Member
  • 6650 Views
  • 3 replies
  • 0 Likes

Resolved! Cisco IP phone is not registering to server

Hi all,I have Palo alto in my network connected to CISCO Call manager server and Cisco DX650 IP phone. I am facing issue that DX 650 is not registering to Call manager server when I capture log I found that the traffic comming from Call manager server and IP phone into Firewall is completing TCP connection but when outgoing traffic from firewall...

Terminal Services Agent in Windows 2016 Citrix - SMB-Sessions not mapped to user

Dear community, we're running W2K16 servers here using Citrix. We also installed the latest TSA and when a user logs in he is properly recognized on the firewall and the TSA assigns a port-range dedicated to the user.When establishing new TCP-connection that is also properly recognized on the firewall and permissions can be granted depending on ...

Client IP visibility issue at Remote Server

Hi Team,Below is possible in paloalto side? Note: there is no proxy in between client and paloalto Problem description :The clients behind PA firewall connecting to AWS NLB then connecting to our AWS web servers(https:// tallysolutions.com). Now we are not able to see the actual client ip address in the AWS Web server. To resolve this issue AW...

URGENT Email alert

Dear Team, One of our client want to set email alert for data plane CPU threshold will be 60% for this.I checked it but found only option, where we can set an alerts on the basis of even severity. Need your help in this to set email alerts for data plane on certain threshold values.Kindly provide if you have any KB to configure this.

Resolved! URL category as "Any"

Hello Team, I have one customer query related to security policy with URL category. Customer query: When the SNI/HTTP header is missing and the URL Category is classified as ‘any’, the processing of that session should be moved to the next security policy that matches the URL category of ANY, that also matches the source, destination and port. I...

Palo Alto login failovers from TACACS to local

Hello guys, I have one requirement for pointing request to TACACS for login. If TACACS fails then only local login should work. Currently when i am configuring authentication sequence where TACACS is first priority and 2nd is local but it seems gateway is accepting both logins. Is there any way we can tune this to primary tacacs and if tacacs fa...

After upgrade my firewall not able access GUI

HI,I have upgraded my firewall 8.1.12 version, after that I am not able to access my firewall through GUI. I have gone through the logs , might be some files are missing after upgrade. can any once check logs and let me know if found any thing. below is the logs:-

img1.PNG
img2.PNG
img3.PNG

Accredited Configuration Engineer (ACE) Exam - PAN-OS 8.1 Version

Hi , After successfully completing Firewall 8.1 Essentials: Configuration and Management (EDU-110) course, I received the completion email without ACE exam test link for Accredited Configuration Engineer (ACE) Exam - PAN-OS 8.1 Version. This is the common issue most of us are facing post completion requesting kind support so that we can take the...

Aggregate interface without LLDP/LACP

Hi Community, I have an aggregate interface from PA to cisco having 2 physical interfaces, I don't have LLDP or LACP enabled in the aggregate interface (LLDP is not enabled globally as well as in interface level). But I can see that the aggregate interface is up and passing traffic. the strange thing happens is that when I add more than 2 subint...

Resolved! NTP not in sync

our NTP is not working properly We already manually restarted the NTP process but still problem persists It is coming out as no sync/rejected It's a VM series firewall on Linux System. We found an article online to disable Synchronize guest time with host when it is on VMware ESXihttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1...

Resolved! Frequent "Failed to check Antivirus content upgrade" messages

Hi all, I have been used to getting the occasional "Failed to check Antivirus content upgrade info due to generic communication error" from Panorama or various firewalls. They haven't been a problem. For about a week now, the frequency of these errors has increased and I'm finding that firewalls aren't getting updates. Has anyone else notice ...

Resolved! "Interzone-Default" rule different config on one firewall

Hi all, I just noticed something strange. I have seven firewalls, and one one of them, the default configuration of the "Interzone-default" rule is different. The default Log Setting action for the rule is "Log at Session End," and I had to override the rule to clear this box. On all of my other firewalls, this box is cleared by default. Is ...

Monitoring Minemeld

Hi Is there a way to monitor minemeld, we have two instances that have lots of feeds and it often falls over and I cant log in. The only way to recover is to do a hard reboot via the vmware console. The server is pingable when this happens.

Bleeky by L0 Member
  • 3316 Views
  • 1 replies
  • 0 Likes

Resolved! Is it safe to allow SSH from internet to DMZ?

We have a server in our DMZ that is allowing from the internet the SSH application via our Palo Alto firewall. The server in the DMZ is very well locked down and the application on the server that facilitates the SSH session is a highly rated 3rd party application that allows vendors to connect to servers in your network. I've read and heard how...

roma by L2 Linker
  • 8368 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks