General Topics

can't able to get response for show running security-policy command from the device via SSH

we are using Paloalto PA-5220 PAN-OS 8.0.7 virtual firewall. using a third tool we trying to fetch the policies using the command "show running security-policy".  when the command is entered it stays still and the policies are not shown. It happens s

NAT

HI,

when do we use the destination nat ,source nat and  identity nat 

I mean what is the use cases for the above 

Thanks

Interface issue - see traffic but no arp entry for gateway

We have an issue with an interface that is talking weirdly.  We have changed ports to rule out hardware, and I can work ok with a laptop in the same switchport.  The line comes from Verizon's media converter to a switch that is connected to the pair

Document on VM information sources for Windows User-ID Agent?

Anyone have a good document or link on the windows user-id agent for monitoring VM information sources?  Looks easy enough to setup on the windows agent, but how does it monitor/parse logs and what exactly does it do when making the connection/permis

App-ID - ms-rdp not allowed, traffic being blocked as cotp

Hi All,

Were running 7.1.14. 

Ive created a rule to allowed ms-rdp to the rule. Ive checked first if ms-rdp has any dependencies, there is none. It implicitly uses cotp and t.120.

So from what i understand from the meaning of Implicitly uses, i only n

Usage Difference between SSL Forward Proxy and Inbound Inspection Decryption mode

Hello

i have read the articles regarding the types of ssl decryption:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV8CAK

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/decryption/decryption-concepts/ssl-forwar

Template Stacks for HA (Active\Passive)

Looking to deploy template stacks to all of our managed firewalls from our Panorama 8.1.x. I am wondering how to deploy STACKs with values unique to each individual in a HA (active\passive) pair. Some settings would include:

Hostname,

HA configuration

Palo Alto 8.0.7 basic ospf configuration not working with aruba switches

Folks,

              We have 2 Palo Alto FW and 4 aruba switches in the same area (area 0), we are noticing that the aruba fw is loosing neighbor relationship with the routers every couple of seconds 30-60 seconds. The configuration is very simple, an

Adding filter "?v=panosurl" broken access to all websites

Custom URL category is configured to block phishing URLs collected from Linux MineMeld server through EDL. For some reason adding filter "?v=panosurl" (https://10.9.0.60/feeds/phishing-url?v=panosurl) to retrieve URLs in PAN-OS supported format (malw

9.0.3 -h3 - Possible bug?

Hi, 

anyone had issues after updating to this version? 

We had strange behaviour accessing some websites stating that 'File Transfer Blocked' there was nothing showing in the logs. 

We rolled back to 9.0.3 and problem went away. Possible bug ?

D.

BPA First Time Configuration Merge with Production configuration

Hi Team, I have completed BPA Day one Configuration and would like to merge those best practice with my Production configuration back. Please suggest the best way to implement. thank you