This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4107 Views
  • 0 replies
  • 0 Likes

Next Gen Firewall Public Wifi Browser Warning Issue

We have a policy for public wifi subnet set toACTION to NO DECRYPT,Set TYPE=ssl-forward-proxy, DECRYPTION PROFILE = NONE When any public device (i.e laptop) try to open a HTTPS website that prohibited by our organization URL policy.For example HTTPS’s porn sites. The browser will come up with the Warning pageFirst page, IE = Website’s security c...

Resolved! User-ID Agents

Hi All, I am migrating Palo Altos to a new Palo Alto. I have a question raised by the end customer. They user User-ID agents currently on their servers. Can they use the same Agents on the new Palo Alto - off the top of my head I am not sure? Given that the new install is a later version of PAN-OS, on a VSYS, new IP ranges internally (and althou...

a.jones by L3 Networker
  • 2615 Views
  • 1 replies
  • 0 Likes

Import/export device state

Upgrading a firewall from a single fw to an HA pair. My plan is to do a device export of the current active firewall then import that device state to the two new firewalls then setup HA. Some of the config pieces are from PANORAMA. Any issues with importing the device state if the fw is not managed by PANORAMA? Or can I add it later? Thanks!

NAT configuration for interface Tunnel

Hi All, I'm in the middle of migrating a series of PAs from one customer to another. The newer system is on version 8.1.10, the other is on 8.0.14. I have configured the VPNs each with a seperate tunnel, pretty standard stuff. I am creating some specific NAT rules for a couple of the tunnels and hit a brick wall... the tunnels have a local IP an...

a.jones by L3 Networker
  • 9317 Views
  • 3 replies
  • 0 Likes

Halloween Reaper challenge time!

#spooktober is in full swing so it's time to have a little fun. Like every year i have a little challenge for you, to see who can up with the most original, creative or just fun entry This year we're doing picture captions, aka. memes! All participants get eternal glory, an seat in the hall of fame and my gratitude for not letting me do this...

reaper by Cyber Elite
  • 2664 Views
  • 1 replies
  • 2 Likes

Alert if same traffic log entry is repeated N times..

We have had an instance of a third party having an issue with their system that generated repeated traffic over and over 17K 5 times a second, constantly. I can match the traffic in the log fairly easily. How can I set up an alert for that to go to our application owner? I can't figure out a way to do it other than a daily scheduled report whi...

PAN-OS 9.0 Released - Stop and Think

Today Palo Alto Network officially released PAN-OS 9.0 to the general public. Some of you may have read posts recently regarding features that have leaked out from the beta, and if you have any questions those of us that have been participating with the beta are now actually able to give you direct answers. Like any major release the next few we...

BPry by Cyber Elite
  • 22651 Views
  • 30 replies
  • 7 Likes

VPN

Hi.How to configure VPN that if peer ip and proxy id(remote address) is same.When try connect address traffic don not flow over vpn. When i write route vpn gets down.

URAN_725 by L1 Bithead
  • 3152 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama -> User ID -> Group Mapping Settings with AD

Hi All We've got Panorama deployed successfully to manage our HA pair of 3020's, but I was wondering if somebody could point me in the direction of an article describing how the Active Directory Lookup works on Panorama for creating Group Mappings? When editing Group Mapping Settings directly the Firewall, it displays the AD structure which al...

what can be the reason for and ( description contains 'HA Group 1: Peer HA2-Backup keep-alive down'

We have PA5220 HA2 backup connection on copper port running via switch.today we got alerts on both active and passive firewalls. and ( description contains 'HA Group 1: Peer HA2-Backup keep-alive down' ) and ( description contains 'HA Group 1: Local HA2-Backup keep-alive down' ) i check the physical interface no errors.how can i know reason for ...

MP18 by Cyber Elite
  • 5901 Views
  • 4 replies
  • 0 Likes

DNS rewrite matching wrong NAT rule

Think this needs a case. Open to any suggested workarounds. Connecting two overlapping networks with NAT. (why? we have to)192.168.1.0 (zone1) -- PA -- (zone2) 192.168.1.0policy routing in place, come in zone1 interface go out zone2 and vice versaDoing network nats at a /24 in this example If I do two rules, natting the overlapping network...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks