This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 594 Views
  • 0 replies
  • 0 Likes

Resolved! RTP traffic not matching App-ID Rule

I have a strange issue where I have a configured rule to allow the "rtp" and "rtcp" App-IDs with application-default service from any-to-any. Below that rule I have a generic permit-any rule with application service any. Screenshots below. The behavi

...

IanGraham_0-1704745546729.png
IanGraham_3-1704745826139.png
IanGraham_2-1704745786416.png

Global Protect application blank screen

Hello Members,

 

Can anyone help me to solve the global protect blank screen issue on my PC, as for others it normally works fine.

 

I am using Windows 11 and I have already removed and re-installed the GP App but still it shows a blank screen and I

...

SamiPTfA by L1 Bithead
  • 17179 Views
  • 7 replies
  • 0 Likes

VPN tunnel is getting dropped

we are seeing tunnel drop with below error message.

IKE phase-1 SA is deleted SA: 1.1.1.1[500]-2.2.2.2[500] cookie:191098e4ef6db35d:eba9ee89ff200b07

transition from trial to purchased license

Hi All,

 

We are in a scenario where we are running firewalls on trial licenses. 

 

We have purchased the licenses. Can you help me with following queries :
1. When firewall transition from trial -> purchased license, will firewall drop the network tr

...

BRI-IT by L0 Member
  • 534 Views
  • 1 replies
  • 0 Likes

Resolved! 2 Tunnel With 2 IP Public. Secondary one is filtered ?

I have two IPSec tunnels with 2 ISPs:
ISP 1 is Primary
ISP 2 is Secondary
with a Failover scheme.

 

But when I set the metric for ISP 1 to 10 and ISP 2 to 200, it seems that the public IP of the second ISP cannot ping the second tunnel's peer gateway, w

...

ariiero by L1 Bithead
  • 1046 Views
  • 2 replies
  • 0 Likes

Resolved! VM PA Firewall on esxi

Hi Team, 

I am trying to install a vm pa firewall on esxi host. Downloaded the ova of 11.2.0 base image and installed. When I configure management interface it comes up. But none of the data plane interfaces are coming up. Reinstalled once again and

...

Change of models managed by panorama

Cordial greetings

Team

I currently have a PA 220 managed from panorama and we want to upgrade it to a PA440. The idea is to keep the same configurations of the 220 device in the 440. The question is, how should this process of device change be done?

...

afalfaro by L2 Linker
  • 3111 Views
  • 9 replies
  • 0 Likes

Pre-established BGP connection to HA?

All,
I'm looking to set up established BGP connections from the upstream routers (Cisco Nexus) to the HA unit in our A/P setup for faster failover times, and to not make it look weird when trying to determine if adjacencies are up to the primary unit

...

Resolved! DNS sinkhole , some questions

 

I'm a SOC analyst, and we receive firewall logs regarding DNS sinkhole alerts. I'm trying to understand them better.

I have received multiple logs of this type, and I want to make sure I understand them correctly.

In this log, the domain that was q

...

Brand new PA-1040 interface 1 & 2 in red link state problem

Dear All, 

 

              I got a brand new PA-1040, and i have choice standard mode rather than ZTP mode from the beginning and i found that interface 1 & 2 are in red link state, even i connect a network cable into these port and i still see there

...

piaakit by L1 Bithead
  • 758 Views
  • 1 replies
  • 0 Likes

Resolved! pa-450 software no update information available

Hi,

I installed new pa-450 on 10.1.3 from config exported from pa-820 on sw version 9.

Device is registered properly. Dynamic updates work without any problems. All licenses are resolved properly from license server and applied properly.

During softw

...

bkrajnik by L1 Bithead
  • 4720 Views
  • 2 replies
  • 0 Likes

Aruba Central - Palo Alto - User ID Question

Hey Guys,

 

I have a bunch of access points in Aruba Central, we are currently using UserID as a way to assign username to IP address with Palo Alto. I have found these instructions https://www.arubanetworks.com/techdocs/central/latest/content/aos

...

  • 23930 Posts
  • 113 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks