This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4439 Views
  • 0 replies
  • 0 Likes

Global Protect not connecting to gateway

I have a Pa220 and its using DHCP for untrust interface. I have followed about 40 documents and knowledgebases and still have no success with connecting my iphone to the palo via global protect. I am using self generated cert. I have collected the logs from the GP client but, I do not know what I am looking for to see what the issue is.

Resolved! How to Stop DNS traffic logs going to Log collector

We have M500 and syslog server getting all the traffic logs.What we want is do not send DNS logs to M500 only to Syslog server.Need to know how can i config this ? Currently we have single log forwarding profile.

MP18 by Cyber Elite
  • 7009 Views
  • 3 replies
  • 0 Likes

Resolved! Is there a way to force Applications Seen to Update?

I'm running PanOS 9.0.3-h3 and I'm creating some new Security Policies.I like that I can see what applications are getting hit in the rule. My only problem is that while I'm testing, I seem to have to wait overnight for the Applications Seen to get updated for new rules.Is there a way from the GUI or CLI to force the processing of the Apps seen?...

All traffic through LSVPN (or LSVPN route metric)

I want all satellites to route all traffic through VPN tunnel when it's available. In GP gateway if I leave Access Routes emtpy or if I publish 0.0.0.0/0 to the satellite I get the default route with metric 100 on the atellite. But that means the static default route entered on initial configuration of satellite will still remain the active rout...

santonic by L6 Presenter
  • 8411 Views
  • 6 replies
  • 0 Likes

Policy Optimizer Apps

Is it possible to add the apps seen by the policy optimizer to an application group already created? I feel like this should be easy, but I can't seem to be able to do it. It appears you can create new app groups but cant add to current? Am I missing something?

Resolved! HA2 connection with HSCI port and distance of 30 km

On PA 5520 with active passive mode is it possible to use HSCI port for HA2 connection if distance between active and passive PA is 30 km.I read some QSFP+ transceiver support 40km with single mode? Need to confirm here if this is possible ?

MP18 by Cyber Elite
  • 5971 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect setup frustration

Hello -Originally, I was going to setup GP with RSA MFA using this document: "RSA SECURID® ACCESS Implementation Guide Palo Alto Networks Next Gen Firewall 8.0" It is written by RSA and is woefully lacking in detail and after seven hours on the phone with Palo support I decided to abandon that idea for now. At this point I'd just like to get GP ...

Shawverr by L3 Networker
  • 17021 Views
  • 23 replies
  • 0 Likes

Resolved! multi vsys security policy with ANY zone

I am testing multi vsys configurations in my lab and noticed that I am unable to use a source/destination zone of "any" in the device group security policy associated with vsys2. The default vsys1 accepts "any" zone. When I attempt to commit/validate to the device i get a error like the following attached. It seems as I can only have defined ...

Resolved! SQL Cluster Through PA Firewall

We have Palo Alto firewalls with version 8.0 and need to allow SQL Cluster synchronization from one zone to another. The servers are Windows 2016 with MS SQL 2016. I'm not a SQL expert but tasked with a firewall rule between these clusters. I appreciate any advice or help. Jeff

URL filtering behavior when used in conjunction with web proxy

Hello guys, I'll make it as short as possible. The summary of our system is below.Client PCs use must use an internal web proxy ("Proxy" in the diagram) when they want to access the internet.The internal web proxy then forwards the proxy connection to an external proxy. ("WSS" in the diagram)Palo Alto's ("PA" in the diagram) URL filtering is use...

Firewall receiving a HTTP 401 error when trying to access the Minemeld server

Hi All, I've configured an external dynamic access list with the relevant account username/password to reach our minemeld server. When I test the connection however using 'test source url' in the external dynamic list configuration, this fails with a URL access error. On the minemeld server log: 127.0.0.1 - - [26/Sep/2019:14:25:45 +0100]...

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks