This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Group mapping settings not listing AD groups in GUI

Hi, I am trying to configure user-id based authentication in Palo Alto 5220 (Pan OS 9.0.2). I have integrated Palo Alto with AD using LDAP profile. I am not able to add the AD groups in the "Group Include" list as they are not being listed in the GUI. I am using panorama to manage the firewall. However, i am able to view the groups in CLI of th...

MGRashmi by L2 Linker
  • 10532 Views
  • 4 replies
  • 1 Likes

Resolved! SFP Compatibility

Hi everyone, Good day. I have a query regarding the compatibility between a PA-3020 management port (ethernet) connected through an ethernet cable to a Cisco switch with SFP port. A transceiver is in place at the switch end for plugging the ethernet cable. Currently when it is connected not even the link LEDs are glowing. The specifications for ...

Resolved! Sudden issues with address objects in policy rules- behaves as if 0.0.0.0/0 is set

Since about 4 days I am experiencing a critical problem in relation to policy rules with address objects and suspect an update to address/region objects has caused this mess as I am experiencing this issue with: - manually added address objects- predefined country regions- dynamic address groups (based on tags- even if the address group is empty...

Bildschirmfoto 2019-09-24 um 10.51.52.png
Bildschirmfoto 2019-09-24 um 10.52.21.png
pan219 by L2 Linker
  • 7469 Views
  • 3 replies
  • 0 Likes

Resolved! Different Response Page for https and RDP traffic

I have configured MFA with Radius.It is for https and RDP trafficWhen we access http site we get response page to put Radius Credentialsbut when we do RDP connection to server we get different response pageNeed to know how can i make same response page for both http and RDP traffic?Also response page ask for Password how can i change it to show ...

MP18 by Cyber Elite
  • 3806 Views
  • 2 replies
  • 0 Likes

Monitoring Palo Firewalls using System Center Operations Manager

Hey Guys, before I get boo'ed and suggestion of more featured products to monitor palo devices (pano, something or rather dominated googles results) but...our main objective with monitoring our environment, is single pane for monitoring/alerting etc, and SCOM has fit the bill quite nicely. The past 6-12months we've looked at, and started implem...

jondavis by L0 Member
  • 4617 Views
  • 2 replies
  • 0 Likes

Best Practise for Scheduling Dynamic Updates

We want to schedule dyanmic updates , we dont have test environment. we can schedule updates on satellite offices then after 2 days to be installed on hub sites. prb is if new application traffic hits it will be denied by hub as that application would be unknow for hub ? Any recommendation on this scenario.

Resolved! Bringing up all interfaces in ESXI enviroment

Hi, I followed the docs when setting up a Palo Alto in an ESXI environment. I created 9 port groups for the device and connected each interface on the Palo Alto to one of them. When the Palo Alto came up all of the interfaces as not configured. If I set the interfaces to something (say TAP, Layer2, Laywer3 etc.) then they all come back as down e...

golariu by L1 Bithead
  • 3533 Views
  • 2 replies
  • 0 Likes

Import existing config into Panorama woes

We have a handful of standalone PAs that we want to import into Panorama. However in our first interation it failed with the following errors and I am not sure why. The entire process isn't made clear to me either via PA (like a lot of their stuff but I digress) so I was wondering if anyone has done this and can help point me in the right dir...

pan-post.JPG
drewdown by L4 Transporter
  • 6273 Views
  • 2 replies
  • 0 Likes

Resolved! Downloading PAN-DB via Panorama

Hi team, I've had a customer inquire about downloading PAN-DB on their firewalls via the use of their Panorama, problem is I can't find any documentation that would cover this. The use case of this would be for a deployment that is completely offline in terms of the firewalls, and they only have access to Dynamic/Software updates via the Panoram...

Lauchlan by L0 Member
  • 6571 Views
  • 2 replies
  • 0 Likes

How do I test ransamware myself ?

Hello, everyone of the specialistI plan to settings for wannacry in the Pan-OS 8.1I want to check in advance that the settings will workBut I can't have a real wannacry on my PCSo I'm worried about how to prepare a fake wannacryDo you have a good ideaThank you ~~~~japaneseこんにちは、スペシャリストの皆さん私はPan-OS 8.1でwannacryに対する設定をする予定ですその設定が間違いなく動作するかを事前に確認した...

awawa100 by L2 Linker
  • 4265 Views
  • 3 replies
  • 0 Likes

Resolved! Using PA220 as a "switch"

Hey all, i got a question that im not sure how to solve.This is my setup/what i want to do do. I got a L3 internet line on Ethernet1On eth2 i got a CAT2960L with vlans 10 and 20.On eth3 i got a CAT2960L with vlans 10 and 20. I got 2 2802i with mobility express and i want to use one as a WLC and the other to use that WLC.One AP will be in VLAN 10...

holten by L1 Bithead
  • 7391 Views
  • 4 replies
  • 0 Likes

SSL certificate expiring soon

I have a wildcard cert issued by godaddy which I use for inbound decryption on approx 10 dmz servers. it is set to expire soon and we've got a new cert. how can I seamlessly import it and not break the client connections as my server admins servers cannot replace the cert on all of them at same time. Thanks in advance.

Can't commit in Panorama 8.1.4

Trying to add a new firewall into panorama, Im simply adding the serial number to the manageded devices and when I try to commit I get the following: Validation Error:deviceconfig -> system -> panorama-server constraints failed : Panorama server address cannot be the same as own management IP addressdeviceconfig -> system -> panorama...

Captive portal is not working on Chrome browser only

Hi Team In my premise we have more than 200 machines, In all of the machine Captive portal is not working on chrome browser only but its working fine on IE and firefox browser. Its not seems like browser issue. Something related to PA firewall. Please help me to fix the issue. RegardsMohammed Asik

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks