This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4131 Views
  • 0 replies
  • 0 Likes

Resolved! can we configure a data interface to perform HA path monitoring?

I would like to configure HA failover condition that utilizes my data interface to perform path monitoring. this way, firewalls will failover when there is a routing issue. I don't see an option to use a source interface/ IP under HA-path Monitoring-Add virtual router path.is there any way to accomplish this?Thanks.

No logs on PA-200

I have inherited a PA-200 and recently just upgraded it to PAN-OS 8.1 and installed it. I have activated the licenses and subscriptions committed changes and reboot the device, but i am getting no logs at all with the exception of system logs. Have i missed something or are there bigger issues going on?

Resolved! Dynamic updates schedule from Panorama

I see PA have changed the behavior of dynamic updates push from Panorama to managed firewalls from PAN OS 7.x to 8.x. As per PA, in 7.x panorama will push the updates to managed devices. But from 8.x, managed device itself retrieve the updates from Panorama. Can someone please help to explain in brief on how firewall will come to know about the ...

PA.PNG
Rajesh12 by L3 Networker
  • 13419 Views
  • 8 replies
  • 1 Likes

Need to decide method of Paloalto firewall deployment L3 or vwire in an existing network infra

Hi, I have many sites with different network infrastructure in different countries and i would like to deploy Paloalto firewalls below wan link, please help to to decide method of Paloalto firewall deployment L3 or vwire in an existing network infrastructure I have been assigned to study the infrastructure and decide L3 or Vwire and to give th...

How Do You Authenticate Users From Specific IP Ranges for Admin Device Access?

Palo Alto integrates with a number of products; which usually require specific user accounts on the firewall. If your firewall has management access exposed to the internet all of the accounts can be used to log into the firewall. Would it be possible to limit device management for certain users access to specific subnets, such as RFC 1918? Exa...

blwavg by L2 Linker
  • 5325 Views
  • 3 replies
  • 0 Likes

Resolved! ECMP with one IP on outgoing

Hi, We have configured ECMP on our PA-220 to HA of our Internet access with load balancing.But we outgoing to Internet with two IP addresses. It's possible to configure only one IP public address view from outside ? If not possible, there is an another method ? My configuration :PA-220PanOS 8.1.11 Thanks in advance for your help. FG

feelgood by L2 Linker
  • 6385 Views
  • 6 replies
  • 0 Likes

Global protect new features suddenly showing up on portal app config

I am pretty sure they were not there before on the same version of GP that I am running on . I see option "Allow user to sign out from Global Protect APP" and "User Single Sign-on(macOS)". I do not see any documentation about those. I tried to activate those options and they do not seem like working . Can anyone please advise ? Please find the s...

GlobalProtect_SSO.JPG
Nvempati by L1 Bithead
  • 5431 Views
  • 4 replies
  • 0 Likes

Resolved! Disabling Graceful restart for OSPF

Hi team, When performing a failover in our office we completely lose connectivity in or out. When troubleshooting we noticed we could not see the OSPF peer on the router or firewall. Looking through the system logs I notice:routed-OSPF-stopped-graceful-restart description: OSPF stopped graceful restart. Protocol: OSPFv2. Exit reason: time outthe...

ACTICE/PASSIVE CONFIG SYNC PROBLEM( Running cofiguration not synchronize)

Hello All, The firewalls are configured in high availability (A/P) but the running configuration is not synchronized. I have already tried to restarting management server of both firewall as well I tried to sync manually but getting below error:- After that, I have tried to sync from CLI mode by this command:- request high-availability sync-to...

run-confi.PNG
run-confi.2.png

Panorama OVA download

Hi guys, I hope yus can help me out. I'll be deploying Panorama in ESXi server, where can I download the OVA file? I know this is a very stupid question. I'm following the steps below, but I can't find it under my profile. https://docs.paloaltonetworks.com/panorama/8-1/panorama-admin/set-up-panorama/set-up-the-panorama-virtual-appliance/instal...

WRibeiro by L1 Bithead
  • 32433 Views
  • 7 replies
  • 2 Likes

Resolved! Crazy Q... Minemeld on raspberry pi?

Has anyone been brave or bored enough to try to run MineMeld on a pi? I just tried it on Ubuntu 16, Ubuntu 18, Debian 9, CentOS7 and was unable to get any of them to succesfully install. It seems to get close on Ubuntu 16 and 18 but after getting past 3 nasty red errors during the ansible playbook process I was roadblocked at a 4th one that stum...

hshawn by L4 Transporter
  • 7556 Views
  • 2 replies
  • 1 Likes

Resolved! Problem with GUI and WildFire

Hi Everyone,I have a problem with my PA-200 device, when the device turns on the status LED is still orange and I can't log in through the GUI interface due to "Error in parsing xml response". I found the following solutions:https://live.paloaltonetworks.com/t5/General-Topics/Error-in-parsing-xml-response/td-p/97750https://knowledgebase.paloalto...

Areczki by L1 Bithead
  • 6523 Views
  • 4 replies
  • 0 Likes

Captive Portal not working for Untrust to Trust connection

I've a requirement to validate users from Internet (untrust) when connecting to Internal (trust) network. I followed all steps marked in Admin guide and elsewhere for setting up captive portal, but somehow it is not working. Just to be sure i followed same steps for Trust to Untrust and it is working as expected. So i'm perplexed if this is poss...

sbaghel by L1 Bithead
  • 6912 Views
  • 6 replies
  • 0 Likes

Resolved! PA 5520 to PA 5220 Cluster migration

Hi, I want to migrate one PA Cluster from 5020 7.1.16 to 5220 8.1.8. Could you please help me with the steps to follow for this migration and is there a document available? ThanksJP

  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks