This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Resolved! Route Decision in Palo Alto firewall without interface mentioned in virtual router

Hi There, Can we configure static routes in virtual router without mentioning what interface to use? Can Palo alto smart enough to identify the right interface based on the nexthop IP address? I am believing yes, could you please confirm me. especially in the case of Aggregated interfaces though, I have all AG interfaces on my PA device. Does it...

Resolved! Block Wetransfer Upload

I was doing a test on allowing wetransfer download, but not allowing upload. Ran into some issues. I have TLS decryption enabled. I have removed the *.wetransfer.com decryption exclusion. My security policy is looking for applications "wetransfer" and "amazon-cloud-drive-uploading". I have a file blocking policy that is set to block upload of an...

ce1028 by L4 Transporter
  • 27058 Views
  • 16 replies
  • 0 Likes

5000 Series not supported on PanOS 9

I'm quite disappointed in Palo Alto's approch to not make 9.0 supported on the 5000 (i.e 5020, 5060, etc.) For a customer that purchased their equipment right before th 5200s came out it seems we (and probably many others) were screwed over on this deal. Palo's approch when I discussed this was "you'll have to upgrade." Ya that's all fine and...

NickThen by L2 Linker
  • 11062 Views
  • 10 replies
  • 0 Likes

Response Page working or not for url filtering

We have configured the url filtering response page for one of our sites.Is there any way from CLI or GUI i can confirm that users when they go to blocked site are actuall getting response page? I see on GUI url filtering logs that they are blocked.

MP18 by Cyber Elite
  • 4306 Views
  • 2 replies
  • 0 Likes

IPv6 & User-ID

Hi guys, can anyone point me in the right direction to find out if User-ID supports IPV6 address and if so how does that work.I assume that the only the primary IP address which gets authenticated on the domain gets logged and therefore reported to the PA. So I'm guessing that in a dual stack LAN all of the possible addresses do not get logged...

JohnP by L1 Bithead
  • 6290 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Userid Agents

We are deploying UserID with username policy enforcement and the concern is agent resilience. We do not want to use the firewall built in agent and the server team does not allow agent installation on a domain controller. The plan is to install the agent on dedicated windows server and to monitor all domain controllers, but t if the server host...

BatD by L4 Transporter
  • 6145 Views
  • 2 replies
  • 0 Likes

Resolved! Upgrading PA200

Hello, We are planning to upgrade our PA-200 from 7.1.x to 8.0.x. What we are after is that when you upgrade to 8.0, there’s a RAM requirement of 6.5GB. How does the PA200 handle that? Is that limitation only for VMSeries or?

Aggregated interfaces on PA 5250

Hi there, We are implementing aggregated interfaces on PA 5250. I have configured 10 aggregated subinterfaces from two physical interfaces. when I enabled the LACP on the aggregated interface group, the maximum interfaces is set to 8 by default. I believe this is number of physical interfaces that are active at any given time right? if that is i...

Resolved! User-id and 8.1.x and MS AD best practise

Hi What I have 8502x 5220's active / passive clusterpanorama3 MS AD's + 2 Exchange boxes I have the panorama userid sync with 850 and a VIP address on the 5220's so it always connected to the active node. I believ that panorama pulls userid info from each node and sends it to each node - I believe I believe I tested that before. My PA's 850 &a...

PA200 not booting properly

Hi there, I recently picked up a couple of PA-200s for my lab. I was able to factory reset one of them and it seems to be working just fine. The other does not get any farther than this in the boot sequence (looks like it tries to boot twice){Welcome to the PanOS Bootloader. U-Boot 7.1.14.0-0 (Build time: Sep 18 2017 - 16:37:18) Skipping PCIe po...

Resolved! Allow application from a blocked category

Hello everyone,I searched this topic before posting and couldn't find an exact answer so I'm asking the question here. I have blocked a specific category that includes multiple appplications. I now need to allow one of those applications, but keep the category blocked as it is. Do I just create a new policy just about the blocked category policy...

GCSS-RT by L2 Linker
  • 5765 Views
  • 6 replies
  • 0 Likes

Resolved! Uprade GP Client to 4.1

Hey guys,PA-3020 with 8.0.7 and GP Client 4.0.5I want to upgrade GP Client.Are there 4.1.X versions I should avoid or can I use the latest 4.1.10?Clients are Windows 7-10 and macos 10.12-10.14

MPI-AE by L4 Transporter
  • 4885 Views
  • 3 replies
  • 0 Likes

Resolved! PA VM 7.1.0 after set default gateway, can't ping any Internet IP including the gateway.

Hi All, I setup PN VM 7.1.0, my vmworkstation is pro 12.5.2. I bVMnet11 bridge my wire network card.I set 192.168.200.98 for the management interface of the PA VMNext I set IP, zone and default gateway for ethernet 1/1 Afther that, I am having problems. The default gateway can ping the IP of ethernet 1/1 of the PA VM ping 10.12.172.230Type escap...

1.jpg
2.jpg
3.jpg
Fred321 by L0 Member
  • 9344 Views
  • 3 replies
  • 0 Likes

Import XML configuration into MS-SQL

I couldn't determine the correct place to discuss this topic, so please forgive me if I have improperly located it. I need to know if there is a way to import the XML config file into a MS-SQL database. One of the challengs of auditing a firewall is not only to know which rules have been used or not, but also to know what objects within a rule...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks