This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

Panorama NAT Translation

I have two datacenters in a region to where multiple offices backhaul to the primary datacenter or may fail over to the secondary datacenter. Both firewall pairs are managed by Panorama. Each datacenter has its on unique external IP range. We break out these offices on their own exit IP due to local language differences. My question is can I mak...

Resolved! Prototype from custom extension not showing in GUI

Hello, First: nice work! Nice tool 🙂 I've created my own extension for a new miner (to mine Bluecoat Local Database with a specific format) I've followed the youtubeminer tutorial and achieved to: - package my extension (wheel) - install it on minemeld manually (I cannot do it through git) But my custom prototype does not show in the We...

ARMEL_D by L0 Member
  • 4082 Views
  • 1 replies
  • 0 Likes

Palo Alto VM firewall registration

Dear All,I am a beginner to this platform and I successfully dowmnload a copy of PAN-VM-7.0.1.ova from the internet to start hands-on practice. I am trying to register the VM firewall to the Palo alto support website for more features and trial licences, unfortunately, for 10 days I am facing a nightmare reason why I decided to seek for help f...

2019-08-07.png
2019-08-08.png
bngala5 by L0 Member
  • 3034 Views
  • 1 replies
  • 0 Likes

User ID firewall having an empty status column for the server monitoring

Hello, We are using PAN-OS 8.0.6-h3. Our User ID firewall is showing an empty status column for the server monitoring. > show user group list Server error : op command for client useridd timed out as client is not available ^^This was encountered while adding an AD group in the Group Mapping -> Group Include List > less mp-log useridd.l...

ServerMonitoring.jpg

HA on aggregated interface

We don't have a qsfp module yet for our core switchse yet, so i am trying to use regular 10G interfaces in aggregate ethernet type HA.But neither Panorama nor the firewall iself seems to give the option for aggreagate interface in the dropdown of HA2 settings. If i set the interface indvidually to HA, I can see that option in both places. show ...

raji_toor by L4 Transporter
  • 10514 Views
  • 6 replies
  • 0 Likes

Resolved! How to ignore BFD traffic passing thru on virtual wire?

I have a virtual wire configuration, on an active-passive firewall cluster, where I am running a routing protocol through the virtual wire, with BFD (Bi-Directional Forwarding detection) attached to that routing protocol. In the virtual wire mode, the firewall is NOT participating with the routing protocol, and also, the firewall does not partic...

How to utilize VM-Information source

All, I'm attempting to alleviate some of the day-to-day operations that we do, and found that VM-information sources might be useful. I've got a test environment that can talk to a test vCenter and pull the attirbutes, but I'm not able to get the tags back from the server. Are tags a readable parameter for the Palo to use to build dynamic addres...

Active/Active ECMP

I have two Palo Alto 5250s running in my core network as a core firewall for all campus and datacetner traffic. They are running active/active. I have layer 3 routing south bound to two cat9500s not in VSS. So I am running HSRP on each 9500 alternating vlans to utilize them both. All 4 units are running OSPF to advertise loopbacks and iBGP is us...

Application Filters and dependencies - General Internet Use

Hi I've been following the instructions here: https://live.paloaltonetworks.com/t5/Blogs/What-are-the-recommended-applications-for-internet-access/ba-p/153835, on setting up applications filter for controlling internet access. I've configured the application filter, and applied it to my security policy, but I receive a lot of dependency warnings...

SSL Inbound Inspection

Hi Team Kindly help with below query. We approx host 100 websites of our partners. All websites are on SSL (https). I want to configure SSL Inbound Inspection. As per my understanding, I need to import SSL certificate of 100 websites for SSL inbound inpection. However this is not feasible. Is there any other simple way to implement the same. Reg...

How to upgrade a virtual panorama server from 7.1.16 to 9.x

Hi, I would like to upgrade a virtual panorama server from 7.1.16 to 9.x which has all Firewall logs and ACC reports. I read about log migration and Panorama mode change should also be part of this upgrade. I have never done a similar kind of upgrade and need help. Does anyone have any document or experience like this kind of upgrade?

Resolved! Query on Master key

Hello, We had to factory reset our standalone unit after the master key expired.Is Master key necessary for the PA? Looks like after factory reset there is no master key anymore. Thanks.

Resolved! Template variable setting of None a best practice?

At ignite someone was talking about using template variables and making sure that their values are set to "none" as default as a best practice, and then overriding on the panorama managed firewall (by local - I mean under Panorama/summary/managed devices). 1-If you have a setting of "none" and you place a firewall in that template stack- you ...

Sec101 by L4 Transporter
  • 9307 Views
  • 3 replies
  • 0 Likes

Resolved! unable to download vmware_nsx from support site

Hello, I've been struggling for some time now to upgrade Panorama from version 8.0.14 with NSX plugin (build_in) configured to 8.1.9.I'm getting this error:In version 8.0 you dont have the option to check now to be able to upgrade the VMWare_Nsx plugin.And I've checked on the support website to find the plugin, but I cannot find it in any of the...

VMWare_NSX_Plugin_error.jpg
GNeyrinck by L3 Networker
  • 5234 Views
  • 4 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks