This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Session Ownership in Active/Active HA scenario

Hi There, I will be greatful if anyone can please help me to understand the below which is taken from https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/high-availability/session-owner.html "You configure the session owner of sessions to be either the firewall that receives the First Packet of a new session from the end host or the fire...

Configuring OSPF & Multicast in Palo Alto firewall sub-interface

We have a requirement to configure OSPF & multicast in a sub-interface of Palo Alto for one of our customers. I would like to understand how it would impact the CPU, memory and throughput and the guidelines and best practices to be followed while configuring OSPF. A comparison against having static routes vs processing OSPF routes. Please su...

MGRashmi by L2 Linker
  • 3951 Views
  • 2 replies
  • 0 Likes

Resolved! HA link port failures and failover

I have a pair of 5220s configured with HA1, HA1 Backup, HA2, and HA2 Backup links in use. All HA links show to be up and running. I have left all of the other knobs for tuning link and path monitoring off, taking all of the defaults. No preemption, etc. I am running in an Active/Passive configuration. When I disconnect HA1 and HA1 Backup, at n...

Global Protect client for linux

Hey all,I've just updated the global protect version to 4.1.8In the docs, it says that the client supports linux.I've followed that doc:https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-user-guide/globalprotect-app-for-linux/download-and-install-the-globalprotect-app-for-linux#It says I should download the package "PanGPLinux...

MPI-AE by L4 Transporter
  • 11220 Views
  • 9 replies
  • 0 Likes

Resolved! PA 3050 PAN-OS Upgrade Path

I am currently looking to upgrade my HA pair of 3050s from 7.1.10 to 8.1.6 and per Palo Alto's best practices guide, it is recommended to upgrade to the latest maintenance release prior going to the next major one. As it stands per that best practice guide, I would be to going to 7.1.22, 8.0, 8.0.16, 8.1, 8.1.6 and I am wondering if anyone has d...

PAN OS 8.1.5 - Thoughts?

Hi there! Has anybody had the chance to play with PAN OS 8.1.5 yet in Production? Are there any noticable issues? I've been locked into this killchain of bugs ever since we made the leap to 8.1.0, and I'm just wondering if this build will be the "stable" release.

Fr4nk4 by L2 Linker
  • 16314 Views
  • 18 replies
  • 0 Likes

Resolved! Unallowed to apply NAT rule

Hello, I'm trying to configure double NAT rule (SNAT + DNAT) using Panorama 8.1.4 managing PA 5220 devices running PanOS 8.0.14. I can valid / commit configuration on Panorama, but when pushing config to devices I get following error message : vsys -> vsys4 -> rulebase -> nat -> rules -> Exchange-vers-SMTP -> dynamic-destinatio...

Feature Request: Do Not Require Machine Certs to be Imported on the Firewall

For some background: We recently impelmented a data protection strategy within our organization and would like to restrict the Global Protect remote access VPN service only to domain-joined laptops. Since all our endpoints within our environment receive a machine certificate signed by our Internal PKI Root CA, we wanted to leverage those certif...

Resolved! Export Qos Interface Statistics

Hi just wandering if you can export QOS interface statistics once you have configured your specific interface profiles.. You can view these statistics in realtime but l can only seem to export to PDF/CSV the configuration ? Unless there is another way of exporting interface throughput/bandwidth statistics over a certain period of time.. Thanks SG

acmi by L1 Bithead
  • 4319 Views
  • 2 replies
  • 0 Likes

Resolved! Security Policy Best Practice

Hello all,I've read multiple documents from PA and read some on the forums here, but cannot find anything definitive on this. What I'm trying to find out is what is the best practice/most effective way to configure a Security Policy for filtering. I understand there are several ways to do this, but I've found that the way I've been doing it does...

GCSS-RT by L2 Linker
  • 3419 Views
  • 2 replies
  • 0 Likes

CheckPoint / Migration Tool / Panorama

I have been through the process of getting the files from CheckPoint, going through the migration tool to eliminate unused address, services, etc. I have completed the merge, generated the XML & SET files. I want to get these configuration files into Panorama so we can manage the firewall cluster from Panorama. Can someone tell me or point...

Resolved! Query on Log Forwarding

Hello, We would like to send traffic logs to both Panorama and OpManager (Syslog Server). How can get this configured? We followed the link below but when we go to Policy>Action to forward the log we are not able to select both Panorama and OpManager Syslog. https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-web-interface-help/device/device...

Actiontab.jpg

Resolved! Query on URL filtering

I found this article on URL filtering.My question is how is *.baidu.com not allowing mp3.baidu.com or news.baidu.com as wellWhat does *. signify or equate to this scenario. ALso is there is any need or scenario in which we would need to add www.baidu.com*.baidu.com as rules in Custom URL category. Any Help would be appreciated. HOW TO ALLOW ONE...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks