This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

config on passive & pushing to active ?

Dear All, As I have always been practicing to do the configuration and changes on the primary device and then it is its responsibility to push the configuration on the secondary device but as I have also been seeing people to do the configuration on the secondary devices be it juniper, F5, Palo and they really don't consider this active passive ...

Gchander by L1 Bithead
  • 5297 Views
  • 3 replies
  • 0 Likes

PAN-SA-2019-0020 ... really?

Hello Paloalto Team Last thursday you published the securityadvisory for a critical RCE vulnerability and today you notified the customers again with an "Action recommended" article here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 In this article you write...

Remo by L7 Applicator
  • 5375 Views
  • 2 replies
  • 0 Likes

session end reason threat

We have vendor traffic coming to PA and session end reason is threat.Under threat i can see the threat id numberThey are lot of them For easy way I have disabled the security profile vulner protection for that rule. Need to confirm by doing this PA should not end the session with threat right?

MP18 by Cyber Elite
  • 6353 Views
  • 1 replies
  • 0 Likes

Resolved! Global protect "Could not connect to gateway contact your IT administrator"

Hi Team, When I'm trying to connect global protect from agent it gives an error "Could not connect to gateway contact your IT administrator". When I dig into debug logs, i found below intersting logs. (T3120) 08/06/19 12:56:14:274 Debug(4388): SetGatewayRoute: GetBestRoute() returns Dest:0.0.0.0 Mask:0.0.0.0 if_index=12 metric1=50(T3120) 0...

Threat log types

For threat logs in PA i see below options ( subtype neq vulnerability ) and ( subtype neq spyware ) and ( subtype neq packet ) and ( subtype neq scan ) need to know if this makes sense ?? where vulnerability is part of vul protection scecurity profile which is layer 7 ?? spyware is anti spyware profile which is also layer 7 ??? scan and packe...

MP18 by Cyber Elite
  • 3036 Views
  • 1 replies
  • 0 Likes

Aplication Dependency commit Warnings after 8.1.8 upgrade

Hi, Recently we had to upgrade our customer PA-3050 from a 8.0.10 to 8.1.8 version.After we did it everything works fine, but when they did a commit of the configuration a lot of Aplication Dependency commit Warnings appears:We check all the policies and in every one all the applications are included. Anyone knows why this happened and how to so...

commit watnings.jpg
policy.jpg

Unable to get into maintenance mode

Hello All,I was in the process of upgrading our firmware of our PA500 to 8.1 and when the device rebooted, it did not want to come back online. Checked the startup and noticed I was getting this error message. I did read online that it might be an issue with the hard drive? Is there a way I can resolve this? I cannot even get into maintenanc...

jsuttor by L0 Member
  • 5263 Views
  • 3 replies
  • 0 Likes

Critical system logs

Hello,I'am planning to install a monitoring tool, and i need critical system logs generated by the PAN-device. Is there any docs that mention it?Regards.

asia by L3 Networker
  • 8595 Views
  • 8 replies
  • 0 Likes

Resolved! Connecting WildFire Private Cloud to firewall

When connecting WildFire Private Cloud to firewall (Device > Setup > Wildfire), It appears that we can only add one (1) appliance IP address. However with a cluster there's more than one appliance.1) Should this be the management IP address of the Primary cluster member?2) How does the Firewall know to send traffic to the other appliance(s...

Resolved! Disabling HA

Hi Community, Does disabling HA using the master switch ( Device -> High availability -> general -> setup ->enable HA checkbox) will cause the interfaces to go down and up ?. I understand that the interface mac has to be changed from virtual to physical one, does it cause a flap.I have faced an issue that disabling caused aggregate i...

Resolved! MineMeld engine failed to start.

I was attmepoting to configure Minemeld to pull AWS ip addresses, but nothing happened when I hit commit. I noticed the Supervisor had stopped, and came across this earlier article. I issued the commands: sudo service minemeld stop sudo service minemeld start sudo -u minemeld /opt/minemeld/engine/current/bin/supervisorctl -c /opt/minemeld/local/...

Need to allow service for Ping application

Hi Team We have configured the one Destination NAT policy. My requirement is Ping the NAT IP (Public IP) from the external network. I have configured one security policy with application as 'ping' and service as 'any'. For the above configuration, I can able to ping the Public IP from the external network. But I want to allow the specific servic...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks