This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 795 Views
  • 0 replies
  • 0 Likes

Resolved! debug dataplane for vwire and flow

if we have PA in vwire mode for troubleshooting purposes we can do pcap

Also we can do 

debug dataplane packet-diag set log feature flow basic

Other then this can we use any other flow for vwire troubleshooting?

MP18 by Cyber Elite
  • 3889 Views
  • 4 replies
  • 0 Likes

Cisco ASA multi Context migration

I am migrating a configuration over from a Cisco ASA that uses multiple contexts and have several questions about how to replicate that in a PA.

 

1. The ASA's use port-channel groups and for the internal and external those are shared. On the inside in

...

aporue by L3 Networker
  • 6428 Views
  • 3 replies
  • 0 Likes

Resolved! DNS security and cloud lookup

 

With PAN OS 9.0 Does PA do cloud clookup for everydomain 

or 

 

only for domains which are not in DNS sinkhole of Antispyware profile?

 

I was told DNS security is a  part of PAN DB  so when clouds verdict is that particular domain is  bad hows does this

...

MP18 by Cyber Elite
  • 5015 Views
  • 4 replies
  • 0 Likes

Resolved! commit error

today i got commit error 

 

Client websrvr requesting last config in the middle of a commit/validate. Aborting current commit/validate.

 

Commit failed

 

 

 

Fix was i just need to run the commit again.

Need to know why this commit error occured?

MP18 by Cyber Elite
  • 8494 Views
  • 2 replies
  • 0 Likes

Setting All traffic of a specifif URL to the primary ISP

Hi Everyone!

 

How will I set all traffic from https://www.siteground.com/  to my primary ISP? Because Currently we have two isp and running in a balanced round robin. The issue is whenever we go to the website it shows an error  "Due to ip changed ins

...

AVITUTS by L0 Member
  • 3067 Views
  • 3 replies
  • 0 Likes

PBF state is dicard

I have 2 internal test IPs, 172.16.16.2 and 172.16.16.3. These 2 IPs are respectively PBF, which implements different paths. And these two IPs have done two-way NAT. Map them to a public network address. 
The problem that arises now is that 172.16.16.

...

pbf-rule.png
pbf-config.png

How to make PA side as intiator for VPN with Azure

We want to make Palo Alto side as intiator for VPN with Azure .

 

Currently we have IKE settings as aes256,3des , sha1 sha256 and group 2 .

with lifetime less that azure standard 28800

 

still we are seeing PA acting as responder.

 

Basically issue is with

...

Resolved! minemeld-web FATAL, CENTOS Latest Dev Edition

I performed a recent git pull and performed the standard upgrade due to we were having issues on the edition we were on. However the minemeld-web will not load. I tried the revert back to pip 9.0.3 command for others having the with no luck.

When tryi

...

WilliamT by L0 Member
  • 5056 Views
  • 2 replies
  • 0 Likes

Top urls by Bandwidth for a user

Hi Everyone,

This is probably a very simple task, however i am not getting the result I am after.

 

I am trying to create a report that shows me the top URLS by bandwidth for a user for the last 7 days

, in the User Activity Report ( predefined) it shows

...

Resolved! Destination NAT

Hi there,
I have few URL acessible publicy one of them is WWW and HTTPS. I have dedicated HTTPS URL(xyz.com) however all other www URL(abc.com) is also accessible though https and redirecting to that https url(xyz.com). i am not sure what i am missing

...

Resolved! SSL Certificates import

Hi All,

 

I need to import some SSL certificates for a Global Protect instance. Customer has already supplied me with their wildcard certificates which I have imported but I cannot select them when creating an SSL/TLS Service Profile. Can I set up this

...

a.jones by L3 Networker
  • 3849 Views
  • 2 replies
  • 0 Likes

SSL Outbound decryption - Outbound traffic

Hi There, I need your inputs to implement SSL Decryption, currently we have Proxy Server - WSA and same is configured at all end users explicitly. WSA Doesn't have ssl decryption. Hence we would like to deploy ssl decryption at perimeter firewall pal

...

  • 24149 Posts
  • 117 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks