This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4231 Views
  • 0 replies
  • 0 Likes

PA 500 home use

My employer is starting to use PAs, and as a networking person I want to get much more comfortable with them, I wanted to buy an small one off ebay to use as my home router. I won't need global protect, OR wildfire as I just want to run the PA as a router in a "less critical" environment. If I do get one off ebay are there license fees that I'm ...

tmolleck by L0 Member
  • 10719 Views
  • 6 replies
  • 0 Likes

Resolved! Query on QoS

Hello, Basically I want to QOS all voip traffic coming in and out. Can I just QOS all traffic going to AND coming from a particular WAN address? (see security rule). That way i can just specify all applications and all services. I’m unsure if below setup is working.In the Statistics page can’t see any bandwidth changes even when making phone calls.

QoS.jpg

Best Practice Security Profile Adoption - Determine Which Feature Impacts which Adoption Scores?

How do you determine(map) which Feature (Policy, Objects, Network, Device) is conntected to which Adoption Category (Wildfire, Anti-Virus, Anti-Spyware, etc.)? I am missing the connection between how to improve my metrics for the Security Profile Adoption Summary and which feature will impact the metric/score. I have reviewed the Getting Star...

DebFar by L0 Member
  • 4446 Views
  • 2 replies
  • 0 Likes

Suggestion on how to made dual IPSec VPN UP with Dual ISP failover by configuring Dual VR

Hi Team, I am just wondering on how to made Dual IPSec VPN Tunnel UP at the same time with redundant ISP link after mapping each ISP in different VR. We have configured dual VR. In that, Primary ISP port is mapped in Primary VR and Secondary ISP port is mapped in Secondary VR. Due to this above scenario, in order to made the Phase1 UP for the S...

IPSec.PNG

Avoid Attack from outise in PA

HI, We are having attacks from outside to DMZ. Many diffrents ips are attacking our public range. These attacks are causing packet buffer 100% and CPU 100%, doing an outage in our network. So in traffic logs we can see all sesiones being denied for policy deny. Is there any way to avoid that FW proccess these sessions and not increasing CPU?? w...

BigPalo by L4 Transporter
  • 7548 Views
  • 8 replies
  • 0 Likes

Global Protect with Azure MFA issues

PA3020 PANOS-8.1.7 GP-4.0.7Using Radius server for auth.Radius talks to Azure MFA for 2 factor auth.Having timeout issues.Sometimes user not getting MFA prompt on the phone.If the get MFA prompt they will get auth errors.

Panorama help : How to reset rules hit count

Hello everybody, I have to reset three policies usage in Panorama 8.1 firewall but in this version is not available this option in the GUI. I guess I can do it from the CLI. Can anyboy help me?. Thanks in advance.

carlostg by L1 Bithead
  • 8174 Views
  • 1 replies
  • 0 Likes

Restart is disabled because no ike sa was established

We have IPSEC tunnel to vendor.Tunnel is up Gui shows Phase 1 is red.I can ping the IP on the tunnel on vendor side which is Gateway for Vendor LAN.Unable to ping the LAN IP on vendor side. PA shows traffic is passing but nothing coming back from vendor LAN?

MP18 by Cyber Elite
  • 5826 Views
  • 2 replies
  • 0 Likes

Firewall rules suggestion

Hello I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites. I must create a rule to allow small sites and users & servers zone configured on my main site (site A) to re...

Resolved! PAN Next Generation Firewall 3020 can't Forward Logs Properly to External Syslog Server

Hi, I'm trying to forward all logs from PAN Firewall 3020 to an external Syslog server. I have followed the guide here and have tried to debug the problem by accessing the firewall through CLI but to no avail. However, I think I might have noticed an error from debugging. By running this line of code, I get the following results:debug log-receiv...

Resolved! File Blocking rule logic

The following KB article states that the File Blocking rulebase is not top-down but based on action precedence. The article fails to mention anything on the function of the application column with regard to processing logic:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGeCAK If for instance, I have a security rule t...

  • 24357 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks