This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Interface flap email alert on Palo Alto 8.0

Hi Folks, I want to configure email alert for interface flapt i.e ( subtype eq port ). On email server profile under custom log format if I add $subtype eq port , would it be sufficient to trigger alert ?

Resolved! SMTP Authentication

Hi guys, According to this document, at the bottom, it states that SMTP authentication is currently not supported. This was in 2014, so does anyone know if this is still not supported? https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Send-a-Test-Email-to-Verify-Email-Profile-Settings/ta-p/60956 Cheers Jack

split tunnel issue

I have set up a GlobalProtect gateway in Panorama (software version 9.0.0.0) and configured it for split tunnel, however the configuration is not applying to the firewall (PA850 - software version 8.1.6)

What is the maximum number of service objects that can be registered in a one-line policy?

Hello, expert of everyoneI'm using PA-3220Pan-OS is 8.1239 objects registered in service group AI want to allow service group A in the security policyCan I specify service group A with a one-line policy?I think you can add up to 1000 objects to a policy groupWill I get an error if I create it with a one-line policy?Can you tell meThank you 日本語~...

awawa100 by L2 Linker
  • 4718 Views
  • 3 replies
  • 0 Likes

Palo Alto Home Server Network

I currently have a family property that consists of 3 adjoining properties and structures, we retain a private home server network and are looking to protect it utilizing Palo Alto Virtual Appliance, but are being told in order to do so we must be a corporate entity to obtain PA-VM licensing, does anyone have any advice on this matter or an alte...

boernerj by L1 Bithead
  • 3248 Views
  • 5 replies
  • 0 Likes

Resolved! Security Policy Search Results

We have a 3020 firewall with version 8.0.10 and need to allow a new server access to resources in other zones. An existing server, 10.100.100.10 already has this access, so I need to mimic the access of this server. In Objects\Addresses there is an entry for 10.100.100.10 with the name Server1.In Objects\Address Groups there are a couple of grou...

Analyzing Email Traffic on Palo Alto

We have our in house mail server which is behind the Palo Alto, all incoming and outgoing email traffic go through it. Can we analyze the email traffic and get following information? SenderRecipient Attachment File nameAttachment File TypeEmail SubjectEmail body / content

HA Data Link Ethernet vs IP

Hi, When I configure HA for data link I use Ethernet when devices are directly connected to each other, but sometimes in the field I see people using IP for transport but the devices are directly connected to each other. Why are they doing this? There is no reason to do it unless it needs to route. Can someone help me understand there logic? Thanks

junior_r by L3 Networker
  • 8625 Views
  • 6 replies
  • 0 Likes

Customer Experience (CX) Day on LIVEcommunity

October 1st is Customer Experience (CX) Day, and Palo Alto Networks is celebrating you, our customer! Join us in this celebration. Tells us: - What great customer experience means to you. OR - About a LIVEcommunity member or Palo Alto Networks employee you think delivers fantastic customer experience! Use the hashtag #CXDAY2019 with your...

CX-Day 2019 LIVEcommunity (1).png
reaper by Cyber Elite
  • 4440 Views
  • 3 replies
  • 3 Likes

VPN problem

Hii have a problem. i have configured vpn ikev2 ipsec. When test vpn with CLI command( test vpn ipsec tunnel [name]) vpn gets up. But when other side try to connect, vpn do not get up.Also when i check system logs this logs appears:'IKE phase-1 negotiation is failed. Couldn\'t find configuration for IKE phase-1 request for peer IP x.x.x.x[500].'

URAN_725 by L1 Bithead
  • 4530 Views
  • 3 replies
  • 0 Likes

PXE boot

I'm trying to get pxe boot to work through the firewall. Now options 66 and 67 are available in palos dhcp server but I can't get it to work anyway. Besdies normal dhcp options I've setup option 66 with IP and ip-address and option 67 with ASCII and \path\bootfile I have a sec pol with any any to the sccm server. All I can see is tftp traffi...

Meraki Implementation

Curious if anyone has Meraki and a PAN setup. We are trying to to link our remote sites to the data center. At the remotes the meraki is the router then in the data center we have the meraki behind the the PA. We can establish a VPN tunnel and ping internal devices, but it is really slow. For example logons to workstations take forever, and ...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks