This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Dataplane Crash in Paloalto after firmware upgrade

Upgrade the Customer device from 7.1.25 to 8.1.12 and after the upgrade, we are facing issues with Dataplane Crash. Attached is the error message. Below bug matches the error. We have also tried to downgrade the Firmware to 8.1.10 and the issue still persists. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PMSyCAO Devi...

Server monitoring Not Connected / User-ID Agentless

Hello, I have two Domain Controllers, one is shown as Connected and the other is Not Connected. -The 10.0.12.80 is a replica of 10.0.0.51.-The server 10.0.12.80 is reachable by the management interface. -When creating the LDAP Server Profile & adding in the Server List the address 10.0.12.80, the Base DN does auto populate when clicking the...

2019-05-15 11_09_46-Películas y TV.png
upatino by L1 Bithead
  • 7528 Views
  • 3 replies
  • 0 Likes

Resolved! How to set CLI output in Operational mode

Hi everyone,I'm working with different models of PaloAlto firewall (all of them have PANOS 😎 and I want to develop an automatic service on them to get the CLI output and parse it to get data I'm interested but, to do that as easy as possible, I want to know if is possible set the CLI output to XML or JSON format in Operational Mode (not Config...

Resolved! Packet Descriptor Atomic Size and Total Size what does number indicate??

Today we have routing issue that caused the Packet descriptor to go 100 and Caused the max CPU on 5220 to 100. sh running resource-monitor ingress-backlogs show few sessions using 42/% and 39%. atomic shows 81% total 99 I had to clear the sessions quickly to bring these numbers down.Then we fixed the routing. Need to know what does numbers atom...

MP18 by Cyber Elite
  • 5946 Views
  • 2 replies
  • 0 Likes

Resolved! 'unknown ikev2 peer - Azure

Hi, I have several Azure sites with an active-active gateway and 2 different ip.I have a Palo Alto pa-820 with 8.1.12 firmware, 2 interfaces with 2 different communication providers and different public ip.What makes a tunnel ikev2, bgp and peers.Scheme:pa-820-Supplier1-IP1---- IP1-AzureGW1pa-820-Supplier2-IP2----IP2-AzureGW1 In Azure I have con...

Zero-trust region policies

We are testing out using a Zero-trust policy to block traffic to and from all regions but a few known good or needed regions. I am running into issues with Microsoft, AWS websites and services that roll to different data centers and IPs around the globe. Does anyone have any suggestions to allow traffic to these sites and services without having...

drischar by L0 Member
  • 2029 Views
  • 1 replies
  • 0 Likes

Resolved! Global protect Compatibility Check

We are planning to go with the Preferred GP version 5.0.7. As currently the users don’t have the privilege to upgrade to this version on their laptop, is it ok to first install the GP on client systems through Active Directory Group Policy and then upgrade the GP on the firewall to 5.0.7? On the firewall it’s currently 5.0.4 and this firewall is...

Certificate

Hello All. I set up the directory service for the first time yesterday. Everything works, but I noticed the certificate I have to create is only valid for a few months. Do i have to renew it in the future?https://4kpornindex.com/

Resolved! Same CLI commands with different cli output for Palo Alto Firewall

hi,I am experiencing a strange behavior for 3 Palo Alto Firewall. The same 2 CLI commands to check if the firewall has implicit deny rule and logging in place. Commands are as follows;#show rulebase default-security-rules interzone-default | match action#show rulebase default-security-rule interzone-default | match logHowever 3 PA Firewall shows...

image.png
image.png
image.png

Resolved! Is there a secure way to generate XML API tokens?

I've been trawling Google for a while now trying to find an alternate way to generate the XML API token. However there only seems to be one method to do so.Maybe I'm a little paranoid, but it seems really insecure to send your admin username and password in plaintext to the firewall to generate an API token. In a world where network security is ...

How to add feed for github IPs?

Little confused on how I actually do this. I want a list generated on minemeld from the following page: https://api.github.com/meta How do I go about making it so that list is referenced via a policy to allow github APP to that list of IPs? I am already using minemeld for o365 but that was canned and this isn't. Appreciate any help anyone ca...

drewdown by L4 Transporter
  • 9309 Views
  • 6 replies
  • 1 Likes

Overloading 5220 with 9.0.x

Hi I update my firmware from 8.1.10 to 9.0.5 now I can bring my 5220 to its knees with my mailist runSo email consist of pdf attachment - approxy 3M. but about 4K emails all around the same time This wasn't a problem before on the 8.1.10 .. but on 9.0.5 cpu hits 100% and my latency through the box goes from <1ms to 2-3s+ which makes things c...

Alex_Samad by L4 Transporter
  • 13426 Views
  • 22 replies
  • 0 Likes

Resolved! PA-500 Noise Issue

Hello,We have PA-500 Firewall and it is making a lot of Noise but the Indicator is showing Green.Can anyone suggest what could be the issue and how can it be resolved.Also, i am not able to find any Pala Alto Support here in Dubai where I can get the same checked.Thanks a lot in advance.

Resolved! Replacing fan tray in PA-500

Hi all,Apologies, I am new to the PA forum, first time poster here. I have a job coming up to replace a fan tray in a PA-500. I tried to find some documentation since I have not carried out this type of work before but I can't see to find any. Are fans/fan trays in the PA-500 hot swap-able? Is there a document on how to replace the fan trays and...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks