This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! managment port importance?

this is my first time deploying palo alto , is it important to have the managment port connected? does it play important role in the device function or is it just solely for managment?like can i manage the device from the inside interface only?

chuckles by L2 Linker
  • 4262 Views
  • 4 replies
  • 0 Likes

Resolved! Passive PA and IPSEC Connections

We have PA in active passive mode, We have ipsec connections going to end devices.When i check the passive PA GUI I see All Phase 1 connections as redAll Phase 2 connections as green IS this normal behaviour?

MP18 by Cyber Elite
  • 3658 Views
  • 3 replies
  • 0 Likes

Resolved! allowing and denying ip address traffic on VWIRE?

i have a core switch and a router which connects to other router to reach the internet , i was wondering if i put the palo alto as a VWIRE between the core switch and the router would i be able to control which ip addresses can go to the internet and which cant? like create security policy rules for ip addresses on a palo alto set as a Vwire?

chuckles by L2 Linker
  • 2940 Views
  • 1 replies
  • 0 Likes

Disk usage for / exceeds limit, 95 percent in use.

I know there have been several messages about this issue, but so far, the only solution Palo Alto has given, is to update to a new version. We have followed PA suggestions and months after the update, the issue starts again and their solution will be to update to a new version. Firewall model: PA-5060Software version: 8.1.10 fw1(active)> show...

Queries on IKE and GP Gateway

Hello, We are planning to use Faster Link (400MB) as our primary link in our org.Once we get this link running, we can get it setup with GlobalProtect and start setting up the remote sites to connect to that link as a secondary tunnel until we are ready to flick the switch and make it a primary. Below are some questions we got. 1. Is it possible...

Can a PA firewall replace a Squid/DansGuardian setup?

Currently, in our schools, we use Squid+DansGuardian for basic web content filtering (URLs, phrases, domains, client users, and client IPs). We use Squid for handling the HTTP requests, not for any local disk/mem caching. It appears that most of this can be handled by a PA firewall with some LDAP hooks into the school Linux server (URLs, applic...

fjwcash by L4 Transporter
  • 5024 Views
  • 2 replies
  • 0 Likes

Resolved! Clear Alarm LED?

Hey all, I have a PA-220 that has the Alarm LED lit. The cause was that someone tried to insert a power supply from a PA-200 into the PA-220. Thinking that what happened is that a brief short was created which triggered the alarm. All other LEDs are good. Anyone know a way to turn off the Alarm LED or clear it from the CLI or GUI? Thought m...

cafowler by L2 Linker
  • 13938 Views
  • 4 replies
  • 0 Likes

Virtual router to virtual router communication

Hi, We have a setup in which a switch is used for interconnecting several virtual systems to a perimeter router. The switch is going end of life and needs to be replaced. Is it possible to replace this switch with a "Virtual router" in Palo Alto?Below is the setup: 1. All virtual systems have their own virtual routers. 2. Default routes from th...

Inter vr-routing.jpg
MGRashmi by L2 Linker
  • 9151 Views
  • 3 replies
  • 0 Likes

Panorama Pan OS Automatic Update to Managed Firewall Devices

Hi, I currently manage a group of Palo Alto FW Devices (5220, 800, 3200 and 200 series) via a Panorama M-100 Series Appliance. I would like to know if Panorama pushes automatically PAN OS SW Update (at the PAN OS - level only - not AV, AppID or Wildfire signatures) to the managed devices (after having them downloaded from the internet, hence ass...

CarloMun by L0 Member
  • 2777 Views
  • 1 replies
  • 0 Likes

Resolved! Configuring Site-to-Site VPN between two PAs

We recently purchased a PA850 and PA220 to use at two different locations and want to set up a tunnel between the two devices. I am unable to successfully get connectivity between them. I am trying to follow this guide (Site-to-Site VPN with Static Routing ), but I'm not sure if the problem is in my configuration or the physical hardware connect...

CoreyS by L0 Member
  • 4080 Views
  • 2 replies
  • 0 Likes

Multiple copies of Content Update e-mail since 8145

Before I open a support ticket about this, I wanted to check if it was only happening to me or if others have been experiencing the same thing. Up until April 17, 2019 I would only receive a single copy of the daily "Palo Alto Networks Content Update" e-mail, the last of which was version 8144. Since the release of Content Update 8145 on April 2...

fjwcash by L4 Transporter
  • 2512 Views
  • 1 replies
  • 0 Likes

Resolved! PA 5050 Power supply failed and how to see env logs?

On PA5050 we have One of power uspply failed.I have opened RMA with PA. I was using this command to see env logs less mp-log ehmon.log ** Ehmon (v3.0)*2018-07-01 01:43:57.677 -0600 Start time.2018-07-01 01:43:59.679 -0600 Loading: libkernel_error.so... done2018-07-01 01:43:59.680 -0600 Loading: libraid.so... done This doe...

MP18 by Cyber Elite
  • 5281 Views
  • 2 replies
  • 0 Likes

DNS Proxy Configuration with VPN

Hi, I'm trying to route to some internal domain controllers for domain local DNS, and public DNS servers for everything else. This seems reasonably straight-forward except that when I specify the internal network IPs of the Domain DNS servers, they timeout all requests for domain DNS when looking up via the Palo DNS proxy. All other DNS resolves...

Envisian by L0 Member
  • 3704 Views
  • 1 replies
  • 0 Likes
  • 24380 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks