This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Route Reflectors

Is there more details on the route reflector options? The documentation is pretty vague. what is enable sender side loop detection? What is bidirectional peering?

Panorama in NSX deployment not showing interfaces within the template

Hello community! I have an issue you maybe can help me with:I´m deploying PAN-VM firewall on NSX and noticed that the template where I added the VM doesn´t have interfaces.The VM is connected to the Panorama and the template is in sync, I push a new zone and this creates a new vwire pair of sub-interfaces on the VM as it should be but in Panoram...

Carracido by L4 Transporter
  • 4169 Views
  • 2 replies
  • 0 Likes

ConnectionError: Too many connections

Hi,I'm using outputs feeds from minemeld in my Firewall and I have seen the next:If I try to retrieve an output with 142 or less indicators, it works. The Firewall shows the entries from minemeld output node.If I try to retrieve 150 or more indicators from an minemeld output, it doesn't works. The entries in the Firewall are empty.The logs in/op...

Mtorre by L0 Member
  • 3601 Views
  • 1 replies
  • 0 Likes

scheduled reports are not being generated

Hello Community! I have an issue with scheduled reports, they are not being generated. I send a "test email" and I receive it, I reboot the Firewall and I receive the scheduled reports for some time but then it fails again. I´m running PAN-OS 7.0.1 Did anyone have the same issue?? How can I troubleshoot this issue?? In which file in the tech...

Carracido by L4 Transporter
  • 4776 Views
  • 4 replies
  • 0 Likes

PA 500 home use

My employer is starting to use PAs, and as a networking person I want to get much more comfortable with them, I wanted to buy an small one off ebay to use as my home router. I won't need global protect, OR wildfire as I just want to run the PA as a router in a "less critical" environment. If I do get one off ebay are there license fees that I'm ...

tmolleck by L0 Member
  • 10573 Views
  • 6 replies
  • 0 Likes

Resolved! Query on QoS

Hello, Basically I want to QOS all voip traffic coming in and out. Can I just QOS all traffic going to AND coming from a particular WAN address? (see security rule). That way i can just specify all applications and all services. I’m unsure if below setup is working.In the Statistics page can’t see any bandwidth changes even when making phone calls.

QoS.jpg

Best Practice Security Profile Adoption - Determine Which Feature Impacts which Adoption Scores?

How do you determine(map) which Feature (Policy, Objects, Network, Device) is conntected to which Adoption Category (Wildfire, Anti-Virus, Anti-Spyware, etc.)? I am missing the connection between how to improve my metrics for the Security Profile Adoption Summary and which feature will impact the metric/score. I have reviewed the Getting Star...

DebFar by L0 Member
  • 4385 Views
  • 2 replies
  • 0 Likes

Suggestion on how to made dual IPSec VPN UP with Dual ISP failover by configuring Dual VR

Hi Team, I am just wondering on how to made Dual IPSec VPN Tunnel UP at the same time with redundant ISP link after mapping each ISP in different VR. We have configured dual VR. In that, Primary ISP port is mapped in Primary VR and Secondary ISP port is mapped in Secondary VR. Due to this above scenario, in order to made the Phase1 UP for the S...

IPSec.PNG

Avoid Attack from outise in PA

HI, We are having attacks from outside to DMZ. Many diffrents ips are attacking our public range. These attacks are causing packet buffer 100% and CPU 100%, doing an outage in our network. So in traffic logs we can see all sesiones being denied for policy deny. Is there any way to avoid that FW proccess these sessions and not increasing CPU?? w...

BigPalo by L4 Transporter
  • 7489 Views
  • 8 replies
  • 0 Likes

Global Protect with Azure MFA issues

PA3020 PANOS-8.1.7 GP-4.0.7Using Radius server for auth.Radius talks to Azure MFA for 2 factor auth.Having timeout issues.Sometimes user not getting MFA prompt on the phone.If the get MFA prompt they will get auth errors.

Panorama help : How to reset rules hit count

Hello everybody, I have to reset three policies usage in Panorama 8.1 firewall but in this version is not available this option in the GUI. I guess I can do it from the CLI. Can anyboy help me?. Thanks in advance.

carlostg by L1 Bithead
  • 8139 Views
  • 1 replies
  • 0 Likes

Restart is disabled because no ike sa was established

We have IPSEC tunnel to vendor.Tunnel is up Gui shows Phase 1 is red.I can ping the IP on the tunnel on vendor side which is Gateway for Vendor LAN.Unable to ping the LAN IP on vendor side. PA shows traffic is passing but nothing coming back from vendor LAN?

MP18 by Cyber Elite
  • 5778 Views
  • 2 replies
  • 0 Likes

Firewall rules suggestion

Hello I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites. I must create a rule to allow small sites and users & servers zone configured on my main site (site A) to re...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks