This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4225 Views
  • 0 replies
  • 0 Likes

Resolved! External Dynamic List

Hi, We are planning to use URL type EDL (external dynamic list) in a security policy rule / URL filtering profile. Does PA translate the URL in the external dynamic list to IP address? using FQDN refresh (like if we created an FQDN object in the firewall) How does it work exactly? any inputs would be appreciated. Thanks

L1_ENG by L1 Bithead
  • 9182 Views
  • 3 replies
  • 0 Likes

Resolved! PA-220 FIB limit

HiKindly I need a feedback about how many maximum routes PA-220 supported to learn from OSPF Neighbors ?ThanksKonrad

polak71 by L1 Bithead
  • 4136 Views
  • 2 replies
  • 0 Likes

Config not reflecting on firewall when pushed via panorama

Hi , We are facing unusual issue in our enviorment .We have pushed the changes from Panorama to devices but changes are not reflecting on individual firewall . Verifed commit logs , no error . All showing result succeeded . Panorama version - 9.x.xFirewall version 8.x.x Anyone faced similar issue ? Or any suggestion regarding same. Thanks .

deepak12 by L3 Networker
  • 13333 Views
  • 7 replies
  • 0 Likes

Resolved! GP gateways under the same ISP

Hello , I have setup for the company portal and gateway with a specific IP pool and there is one pulbic IP on the ISP. Now they want partners to connect as well and I was wondering if is possible to have either on the same gateway another VPN IP pool and setting like DNS or I can make another gateway under the same IP with another port.

URL Filtering logs

I am using PA-500 on the version of 8.0.18 i am not able to see the URL filteing logs which has the host accessed the URL's from IP too.Kindly guide me

Upgrade

Hello Everyone, I have a PA 5020 in version 8.0.9, what is the most stable version to update?

Stack override template with IP of none

I'm trying to use the same "interface" template for all of my locations. Unfortunately not all locations have the same number of subinterfaces. I'm trying to override subinterfaces that aren't needed at the stack level somehow so that they are pushed as "null" or "no ip". Any ideas, suggestions?

HA Setup

I have firewall in HA(A-P) mode.If device priority is same on both , will there any delay in switching A-P role during failover activity ?

deepak12 by L3 Networker
  • 3672 Views
  • 4 replies
  • 0 Likes

config on passive & pushing to active ?

Dear All, As I have always been practicing to do the configuration and changes on the primary device and then it is its responsibility to push the configuration on the secondary device but as I have also been seeing people to do the configuration on the secondary devices be it juniper, F5, Palo and they really don't consider this active passive ...

Gchander by L1 Bithead
  • 5356 Views
  • 3 replies
  • 0 Likes

PAN-SA-2019-0020 ... really?

Hello Paloalto Team Last thursday you published the securityadvisory for a critical RCE vulnerability and today you notified the customers again with an "Action recommended" article here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 In this article you write...

Remo by L7 Applicator
  • 5422 Views
  • 2 replies
  • 0 Likes

session end reason threat

We have vendor traffic coming to PA and session end reason is threat.Under threat i can see the threat id numberThey are lot of them For easy way I have disabled the security profile vulner protection for that rule. Need to confirm by doing this PA should not end the session with threat right?

MP18 by Cyber Elite
  • 6378 Views
  • 1 replies
  • 0 Likes

Resolved! Global protect "Could not connect to gateway contact your IT administrator"

Hi Team, When I'm trying to connect global protect from agent it gives an error "Could not connect to gateway contact your IT administrator". When I dig into debug logs, i found below intersting logs. (T3120) 08/06/19 12:56:14:274 Debug(4388): SetGatewayRoute: GetBestRoute() returns Dest:0.0.0.0 Mask:0.0.0.0 if_index=12 metric1=50(T3120) 0...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks