General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

IP Wildcard Mask Address Objects

Hey,

This properly confuses me every time I look at it. Is anyone able to explain in very simple terms how to work out what the mask should be?

 

For example: We have an IP scheme that looks like 10.x.128.0/24 where the x changes for each site. We ha

...

Failed to renew device certificate

Hi

 

the device certificate is going to expire end of march.

My PA trys to renew it and comes up with the following error:

Failed to renew device certificate.Failed to send request to CSP server.Error: No OCSP response received(dest => 35.238.43.180)

 

I h

...

kbe by L3 Networker
  • 5266 Views
  • 8 replies
  • 0 Likes

Resolved! EDL and Auto Commit Fail

So the EDL ballooned at some point and was not checked beyond capacity of 220 PAs.

Upgrade attempted from 9.1 to 10.1

When upgraded to 10.0 autocomit won't complete and give large EDL error.

 

Firewall doesn't seem to make connection attempts to EDL

...

raji_toor by L4 Transporter
  • 222 Views
  • 1 replies
  • 0 Likes

Resolved! forward trust certificate

Hi, i have a requirement to do ssl inspection from traffic from 2 different security domains, i have imported CA and issuing certs from the different DC's etc, i have then created new 2 certs for the to be used as the forward trust certs, but when i

...

Credential agent crashes LSASS

Setup a 2016 RODC so I could use the Credential Agent.

As soon as I try starting the agent as system, the server pops a message that I will be force restarted in 1 minute. It non-gracefully reboots in 1 minute. I tried agent v10 and v9. Perms and sett

...

Resolved! Device Certificate fetch failure

Version : 10.1.6-h3

Issue/ Error log : Failed to fetch device certificate. Failed to send request to CSP server. Error: No OCSP response received(dest => 35.222.13.89)

Tshoot : Generated OTP over support portal but no option for me to key in the OTP

...

VLim by L1 Bithead
  • 493 Views
  • 3 replies
  • 0 Likes

IPSEC vsys cli

Hi

I configure IPsec tunnel.
When I configure with manual on web interface, by default was adding vsys to Tunnel Interface--Virtual system.
But when i configure with cli doesn't visible vsys(it visibles empty).

which command i can used for adding vsys?

 

Rajab725 by L1 Bithead
  • 3338 Views
  • 11 replies
  • 0 Likes

Upgrade Clarification from Documentation

I found a post on the forum that went inactive about a month ago stating if you are upgrading from 8.1. to 9.1 you should

 

1. Download 9.0.0

2. Install the Preferred 9.0.X release

3. Download 9.1.0

4. Install the Preferred 9.1.X release

 

The docume

...

Scott127 by L1 Bithead
  • 245 Views
  • 3 replies
  • 0 Likes

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error:

"email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid reference
email-scheduler -> Possi

...

Sujanya by L2 Linker
  • 222 Views
  • 2 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors