This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 198 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 880 Views
  • 0 replies
  • 0 Likes

Resolved! phase 1 up phase 2 down

( description contains 'IKE phase-1 negotiation is failed. Peer\'s ID payload 10.175.150.0 (type ipaddr) does not match a configured IKE gateway.' )

 

 

and ( description contains 'IKE phase-1 negotiation is failed as responder, main mode. Failed SA: 19

...

MP18 by Cyber Elite
  • 11229 Views
  • 2 replies
  • 0 Likes

ALB Health Checks -> Palo Alto -> ALB

Trying to get the Palo Altos to register as healthy. Can anyone provide some assistance on NAT policies, or configurations for getting TCP 80 checks from ALB to Palo Altos to ALB which sits in front of two App servers? 

 

ALB (Palo Altos)

   |

Palo Altos

...

Resolved! IpSec VPN between Palo and Vyatta

Hi all,

 

I try to configure an IPSec tunnel between PA-500 (version 7.1.4) and vyatta.

Config seem to be ok, phase 1 is ok but nego for phase 2 is block in "No Proposal chosen". I select in phase 2 all possibility given by the palo.

 

Any body already su

...

VinceM by L5 Sessionator
  • 8531 Views
  • 8 replies
  • 0 Likes

Resolved! Custom URL Filter - Site Definition Format

We started using Custom URL Categories, and it seems when we define a site, we have to add both a wild card to cover any subdomain, and a / to cover all URI/URL of the domain, IE:

*.acme.corp      (To cover subdomains)

acme.corp/       (To cover all UR

...

Resolved! GUI does not show system logs

On GUI i see traffic logs but no system logs.

LAst system logs are from yesterday.

 

Ran the below command

 

show log system direction
> equal equal

admin@EOCDC-G3-NGFW-2(active)> show log system direction equal backward
Time Severity Subtype Object EventID

...

MP18 by Cyber Elite
  • 4699 Views
  • 4 replies
  • 0 Likes

UserID

Hello

 

Is Userd Identification feature works only whith Active Directory users account or also with Computers accounts ? I would like to create a security rule who allow access on our internal ressources only for computer with an active computer accou

...

Knowledge Base Single Sign-On Error

Hello!

 

Every few days I get this error and can't access knowledge base. 

 

It is VERY FRUSTATING!!!!

 

Error started to appear after last tool upgrade. Does PAN have mailing list for resolving partner access issues?

 

Regards,

Maja

Capture.JPG
mkopcic by L2 Linker
  • 2930 Views
  • 1 replies
  • 2 Likes

Resolved! Open port

I need to create security rule and/or not to allow port 6965 to a device. Do I need both a NAT and security rule? Need to find out from vendor if port is TCP, UDP or both. I have PA-3020 running PAN-OS 8.0.13.

Asymmetric traffic and URL log retention

shown below is my log storage quota settings. My traffic logs can show past 16 days data but URL filtering logs has only past 8 days data. how can I ensure I store same log retention period for traffic and URL filtering? 

log db.PNG

Resolved! Minemeld with AWS Guard Duty Integration

Hi,

 

  I just went through the python extension install successfully of the Guard Duty miner for Minemeld.  It looks like it installed successfully, but after I restarted Minemeld I can't see anything.   I create a role for my Minemeld instance to h

...

Artman by L1 Bithead
  • 3692 Views
  • 2 replies
  • 0 Likes

Resolved! Active/Active Firewalls and Panorama Templates

So I'm trying to keep firewall configuration as much in Panorama as possible. With Active/Passive I can accomplish this with one template per firewall pair.

 

With an active/active firewall pair will I need a template stack to do this? One template per

...

tcasw86 by L3 Networker
  • 3991 Views
  • 1 replies
  • 0 Likes

Feed with mixed IP \ domains

I have an IoC that is a mixture of IP addresses and hostname\domains; what is the best way of handling this?

 

The processed output will be a mixture of PA firewalls and other non-PA systems so, to be absolutely sure I'd like to split them out.

 

The

...

apackard by L4 Transporter
  • 2670 Views
  • 1 replies
  • 0 Likes

Resolved! Email alert for Logs not generated in GUI

 

Currenlty we do not get email alert notification for logs being not generated on the PA.

We have configured email alert for system.

 

Is it possible to get the email alerts when PA stops generatingt the logs like traffic or system in gui?

MP18 by Cyber Elite
  • 3198 Views
  • 3 replies
  • 0 Likes

Import XML FW config from desktop to Panorama?

Scenario:

 

I have a new firewall out in the field, I'd like to put a basic configuration on the FW in the field including the Panorama server IP. I'd then like to log into Panorama and import the config from my desktop and then push the full config to

...

  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks