This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4115 Views
  • 0 replies
  • 0 Likes

Global Protect Agent GW Login Lifetime

We are having an issue where our internal GP agent is authenticating to both of our internal gateways normally, but after the period set for "Login Lifetime" - the firewall is clearing the IP to username mapping, even though the GP agent still shows logged in, AND authenticated to both of our internal gateways.... Is the login lifetime the MAX...

Sec101 by L4 Transporter
  • 16202 Views
  • 2 replies
  • 0 Likes

how to distribute one internet line to multiple services

in my current scenario, I have 4 interfaces configured with different Public IP address and each interface linked to the different router and each interface have different services (Internet Email1, Email2, VPN) Our Plan to get a new line from a new ISP, in these case, we got only one router and the old Routers we canceled and we will get 6 Pub...

MFayez by L2 Linker
  • 6721 Views
  • 11 replies
  • 0 Likes

Resolved! Recommended PanOS in 8.0.x

HI, we are hitting a critical bug in our PA5020 about memory leak. Current version is 8.0.8. So we are planning to upgrade. What PanOS version do you recommend us? more "stable"?

BigPalo by L4 Transporter
  • 5476 Views
  • 4 replies
  • 0 Likes

SMTP Inbound Decryption

I am trying to setup inbound decryption for SMTP (TLS) using the default Decryption Profile.What destination IP address do I use in the Decryption Policy: public pre-NAT or private post-NAT? Regards,Han.

Han.Valk by L2 Linker
  • 3293 Views
  • 2 replies
  • 0 Likes

Interface shutting down

I have a VM-100 running 8.0.12. I inherated this configuration from the previous network engineer. I am quite new to PAN-OS and have found that an interface that faces the Internet is shutting down. I can cycle the port in the GUI, and able to ping to the Internet 1.1.1.1 and 8.8.8.8 and within my LAN for no more than 5 minutes then the inter...

Multiple Logins for a single user at different stations filtering not functioning - security threat?

I am new to Palo jsut going Live with a unit. I am seeing when users move from desk to desk and do not log out but login again at the second station their filtering does not function. They are either filtered as per the last login previously at the station (though that might be a user again also logged in somewhere else) OR they get no filteri...

2 ISP, 1 production & 1 Guest

Question for the community.I have a site with 2 ISP, 1 circuit is a crappy 10mb circuit I want to use for just guest wireless. Is it possible to run 2 ISP on a PA220 and keep the NAT and security seperate?

dualisp.png

HA2 goes down when Enabling Session Synchronization

Hello Palo Alto Community,I'm deploying a HA Pair of Palo Alto VM Serie (hosted on my infrastructure) and I'm being blocked by a situation I don't understand.HA1 is UP and the two member can see each other. I'm using the management interface as HA1 interface for convenience purposes.HA2 is ethernet1/2 which is on a Port-Group dedicated for HA2.W...

Resolved! OSPF in a Active/Passive Firewall setup

Hi,I have a lab with a active/passive Palo Alto firewall setup. I have had a look at the Palo Guide for setting up OSPF at: https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000D8HwAAK&field=Attachment_1__Body__s From this, it looks like it is not possible to form an OSPF neighbour with a standby firewall. The sit...

vvadia by L1 Bithead
  • 8336 Views
  • 2 replies
  • 0 Likes

URL Identification

Hi i have a question about URL Identification. i use url object in security policy and no use ssl decryption if no SNI is present and there is no CN enrty, how can identify URL? thanks.

hbshin by L2 Linker
  • 5973 Views
  • 3 replies
  • 0 Likes

What is "cdt_token" process?

Hi there, Quick question. I'm currently troubleshooting a PA 3020 in version 8.0.12 for one of my customer. Its PA has huge DP CPU usage (arround 80%). I try to figure out the reason of this usage.I've isolated the "ctd_token" process which is a big CPU user. Can you give me a hint about its utility?cheers,Edouard

epavis by L1 Bithead
  • 7028 Views
  • 6 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks