This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Generating SSL Decryption Forward Trust Cert for an HA Pair via Panorama?

I've successfully rolled out SSL Decryption on a bunch of non-HA firewalls via Panorama. Generating the .CSR, signing it with my CA, and then importing the .CER but I'm wondering if this is going to work with my HA Pair because I'm guessing that I'll have to have two different certs because there's two different physical boxes. Has anyone done t...

Resolved! Force Template Values

Hi If someone overrides a setting locally on firewall, can this be further overidden by Panorama using force template values? ... and is that instance what happens to the green and orange cogs? Thank you

nawaza by L2 Linker
  • 8662 Views
  • 2 replies
  • 0 Likes

Router on a stick with VLANs

I have a single HPE 5400 that links to a PA-820. I have an untagged p2p VLAN on a Layer3 interface on the PA. I use this as the "MGMT/LAN" side. The HPE is doing routing for internal networks. To add another VLAN, I tagged that same port on the switch, and I add a sub-interface on the PA with the appropriate tag.So, the uplink between the switch...

Resolved! minemeld-engine FATAL Exited too quickly (process log may have details)

MINEMELD 0.9.44 2018-01-30T13:55:26 (4857)mgmtbus.checkpoint_graph INFO: checkpoint_graph called, checking current state2018-01-30T13:55:26 (4857)mgmtbus.checkpoint_graph INFO: graph status None, checkpoint_graph ignoredTraceback (most recent call last):File "/opt/minemeld/engine/current/bin/mm-run", line 11, in <module>sys.exit(main())Fil...

IrekSw by L1 Bithead
  • 12627 Views
  • 13 replies
  • 0 Likes

Export traffic logs in CSV

Hello All, I have tried to export logs from firewall its reach limit up to 1048576 rows, this is only for 3hr logs can anyone have the option to filter logs or can we exceed this limit.?

proxy_arp_pvlan

Hi all, I was dealing with a scenario recently which I eager to use the Palo Alto firewalls.In my design, it is a must to use the feature which is called ARP alias in Cisco terms, and ARP publish in Juniper terms. In case of Linux as Palo Alto is using is proxy_arp_pvlan.the explanation regarding to the proxy_arp_pvlan is as follows which is der...

seek_2 by L1 Bithead
  • 6528 Views
  • 3 replies
  • 0 Likes

Resolved! types of PA firewall inspection

Hello community! I have a question, checking my stick high firewall, I wanted to know if in my firewall I could configure the inspection mode. I have seen another product from another manufacturer that has 2 inspection modes that are the flow mode and the proxy mode. I would like to know if in stick high I also have that functionality available,...

HIP Check licensing expired

I thought that HIP check licensing expiration (trial version), would cause any rules on the FW - using a HIP check profile column to not match. Instead, it appears that it causes the firewall to simply not care about that column at all.... and allow traffic through, on the rule with the HIP check profile specified, even if you are out of compl...

Sec101 by L4 Transporter
  • 3583 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect Saving User Credentials Security?

After reviewing a few documents, I'm hearing that doing this is not a best practice.... If I choose to do so, does anyone know where those credentials are saved and how they are saved in the agent on the endpoint? I'm guessing encrypted cookies are the way to get around this with longer validity times?

Sec101 by L4 Transporter
  • 31493 Views
  • 13 replies
  • 0 Likes

TCP TimeOut caused by the PA?

We have a video app that is streaming through our Palo Alto firewall on port 80. Everyone once in a while the session fails and can only be revived by hitting refresh in the browser. I am dealing with a network manager that's convinced the PAs are Resetting the session.Before I go through the hassle of creating override policies for port 80 with...

jhickey by L3 Networker
  • 20813 Views
  • 15 replies
  • 0 Likes

Resolved! How to configure Juniper SRX firewall services in Palo Alto 3220

root@srx# show groups junos-defaults applications application junos-ms-rpc-uuid-any-tcp term t1 protocol tcp uuid ffffffff-ffff-ffff-ffff-ffffffffffff; [edit] root@srx# show groups junos-defaults applications application junos-ms-rpc-uuid-any-udp term t1 protocol udp uuid ffffffff-ffff-ffff-ffff-ffffffffffff;Juniper SRX is haveing in-built serv...

Resolved! Query About Policies Security Rulebase Report

Hi Team, When we export a "policies security rulebase report" which shows unknown format like below, Note: Current firmware version is PAN-OS 8.1.10 when on PAN-OS 8.1.9 we could view correct values! Did anyone faced this issue? please let us know whether its because of bug? please advise us whether we need to upgrade or downgrade the PAN-OS or...

policies security rulebase.PNG

Global protect app transparent update issue

Hi Team, I have an issue, where customer is not able to update global protect app using transparent option. I'm explaining the issue in very detail to avoid confusion. User machine is installed with client version 2.3.1. During the time of deployment portal app setting was configured to upgrade "allow user to upgrade with prompt" Now global prot...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks