This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 244 Views
  • 0 replies
  • 0 Likes

LCAP down on Passive Firewal

Hello team,

 

In an HA environment, with pre-negotiation for LCAP disabled , but passive link state set to "Auto" in the HA configuration, if all physical interfaces show as up, is the AE (Aggregated Interface) supposed to be up or down,  as the partne

...

Browsing Quota Time ?

I am coming from Forcepoint from a proxy perspective.  My questions is, does the Palo Alto support user browsing policies, and user quota times ?

 

I am looking to have some block list and white list created.   I am also wanting to give certain users l

...

Resolved! Commit error in HA

Hello,

 

We are using PA-VM with PAN-OS 8.1.6.

 

When trying to enable the Heartbeat and HA1 backup, we cannot commit as it failed with this error.

 

How to fix this issue?

CommitError.jpg

Security Profiles on Deny Rules

What is the best practice for adding security profiles to deny rules?  I like to add the URL profile to deny rules so I can see what URLs are being denied.  Who else adds security profiles to the deny rules and what benefit do you get? Has anyone had

...

Cisco ASA and Palo Alto 820 with multiple Proxy-ID

Trying to replace a site to site VPN Cisco ASA firewall with Palo Alto PA-850.  Cisco ASA on this side has multiple ACLs configured which is equivalent to Proxy-IDs.  It is configued with IKEv1, policy based, no IKEv2.  I do not have access to the fi

...

Resolved! session_end_reason eq decrypt-error - 8.0.9

Attempting to decrypt inbound ssl traffic to our federation server. I have been unsuccessful and getting decrpyt error.

 

We have been decrpyting other public servers in the same manner with individual certs succesfully for the past couple years. I hav

...

clewis1 by L3 Networker
  • 21923 Views
  • 14 replies
  • 0 Likes

Firewall Throughput

We have a PA3050 in a very simple setup.

1 outside interface and 2 inside interfaces (aggregated). 

 

A few times a week our clients complain about performance. During this time the firewall is generating 1Gb throughput (flat-line).

 

However, the through

...

PA3050-Throughput.PNG
Sjoerd by L2 Linker
  • 3475 Views
  • 2 replies
  • 0 Likes

user-id

Hi Community,

 

I am running PA local user-id agent in PAN os 8.1.3

i am facing an issue that my server monitoring is shows as 'not-connected', i am able to test the authentication and proper service account is configured. it was working fine for long t

...

Resolved! Server with public IP behind the firewall without Natting

 

We need to have a 1 server behind the firewall with public ip address.

We do not want private ip on the server.

 

Firewall -  outside zone

Server is behind the DMZ_Zone.

 

Currently  DMZ has sub interface with private ip address

 

so when traffic comes from

...

MP18 by Cyber Elite
  • 7648 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama 8.1 in VM question

Hi

 

I was just checking out my VMWare vm setup for my Panorama VM. and it has 2 interfaces on it.

 

how does that match up to the setup interfaces page

 

so 1 is management and 1 is eth1 ?  how can i tell and why have 2 ?

Resolved! GlobalProtect Client Profile Question

As the title my question in my mind is relatively straight forward.. when a globalprotect client sucesffuly makes a vpn connection... is there any local profile settings saved to a file on the pc / mac?

 

If so, where are these logs saved / folder path

...

carterg by L2 Linker
  • 3568 Views
  • 1 replies
  • 0 Likes
  • 23627 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks