This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! How to Deploy Scripts Using Msiexec

I want to know how to create a custom MSI or MSIEXEC script to install the VPN client and set up and run a log on script to map to network shares then remove the drives on diconnect... I am told it is possible but I cannot find any how to's on it. I have Orca and have edited the msi installer to include my portal information. and I have go as fa...

Fowarding to syslog- best practice

Currently we forward nearly all of the firewall's logs to our syslog server, but the amount of irrelevant minutiae is over-whelming the syslog server. Is there a best-practice for what information should be forwarded to syslog? I don't want to miss anything important but I ready want to eliminate the un-important. Thanks

fmurray by L1 Bithead
  • 4505 Views
  • 3 replies
  • 0 Likes

Resolved! How to determine link and transceiver status on AUX ports on a PA 5220 via CLI

I am trying to figure out how to determine the link and transceiver status on the AUX ports on a PA 5220, when used in HA1 mode. I know that via the CLI, you can determine the transceiver status with the following command, but I do NOT see the AUX ports listed: show system state filter sys.s1.p*.phy Is there another CLI command to show link and ...

Determine PanOS version from generated logs

I have one problem. I have a system where logs are coming from palo alto devices with different version of PanOS (v6.1, v7.1, v8.0 and v8.1). I want to identify which PanOS version is the system running by looking at the logs only. Can you please tell me how can I know it? Currently, I am counting the number of fields in the log. For example, TR...

gnikesh by L1 Bithead
  • 3596 Views
  • 2 replies
  • 0 Likes

Resolved! Radius protocol CHAP does not Work

We have RADIUS profile for users accessing the PA.Seems when we use CHAP as protocol it does not work. When i Use Auto in Protocol Radius Auth does work. Need to know what can be the reason for CHAP protocol not working?

MP18 by Cyber Elite
  • 3721 Views
  • 2 replies
  • 0 Likes

Error Enqueuing Export Job

Beginning approximately November 2018, we have been unable to successfully export a custom report into any format, always seeing a popup stating "Error enqueuing export job" after an extended wait period. Attempted same export in both FireFox and IE in standard and safe-mode for both with the same result. Chrome I have been told will successfu...

Captive portal for wi-fi guest users

Hello all!How must I configure the PA so that the guest users using wi-fi are redirected to the Captive Portal when accessing https without the need to install certs on the guest devices? Right now it's working for http sites, but not for https, in this case those users don't go though Captive Portal.Any suggestions? Thanks!

Block TLD and Security Profiles in Monitor and Log Details

I am working on blocking a TLD using a URL filter. I have multiple URL Filtering Profiles. I have the TLD block working, but the lack of security profile information in the Monitor tab view and detail logs makes it difficult to troubleshoot. Is there a way to display what security profile(s) are being hit? I understand these are tied to the rule...

mike406 by L2 Linker
  • 4328 Views
  • 5 replies
  • 0 Likes

Resolved! OSPF routing - Metric question

Hi,My setup is like below.e1/1 - To Internete1/2 - To MPLS WAN - Learns remote site routes via OSPF as type-2 external routes.e1/3 - Internal networkTunnel.x - One tunnel to each of the 9 remote sites.My network works fine and learns remote routes via WAN and Tunnel. However the tunnel routes are taking preference because they are learned as Oi ...

smunzani by Not applicable
  • 4731 Views
  • 3 replies
  • 0 Likes

Panorama 8.1 VM on ESXi in Legacy Mode

Hi All I need to deploy Panorama 8.1 on ESXi . Due to some capacity (mostly disk and CPU) limitations on the customer infrastructure this needs to run this in Legacy mode with 4CPU/4GB RAM. There will be 10 PA220 firewalls, but all very quiet and don't' expect massive log volumes. I would like ~200GB available for log storage. I'm getting cau...

PaloAlto Decrypt Mirror not traffic visible to VM but switch port mirror traffic is

I've setup VMware ESXi 6.5 and 6.5U1 with a few different intrusion detection systems and SIEM platforms and getting inconsistent behavior w/ the Palo Alto Decrypt Mirror port vs. other technologies such as a SPAN or "Mirror Port".Many NIDS platforms (SecOnion, Bro, Moloch) can accept data from a SPAN, Mirror, or physical network tap and do intr...

dmurdoch by L0 Member
  • 4107 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks