This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

Resolved! Routing Traffic between two VR's and Bytes Send and Receive info in GUI

I was Testing the Connectivity between two end points for Testing Purpose only Server(10.50.50.1)--------Sw1---------eth1/8----- PA-------------eth1/7-----------------Sw2-----------User PC(10.7.7.6) PA VR1 has interface Eth1/7PA VR2 has interface Eth1/8 Server IP 10.50.50.1PC IP 10.7.7.6 Sw1 and Sw2 has point to point connections with PA. 1>...

MP18 by Cyber Elite
  • 3780 Views
  • 5 replies
  • 0 Likes

Resolved! Security policy not working with Group Mapping

I have configured LDAP group under Group Map settings.I have added the ldap group there. Then under security policy source user is any and under user i added that group name. When i do sh user group list i see the group name and user ids under it. when i try to reach the destination ip under that rule firewall denies that traffic. Security ru...

MP18 by Cyber Elite
  • 12259 Views
  • 8 replies
  • 0 Likes

Resolved! Active Passive and Active Active PA and Web Gui Cert

I have created CSR and exported that to our Server team as they would generate the cert based off of that.PA is in active passive mode. Do webgui cert of Active PA will syn with Passive PA?Do I need to create separte CSR for the passive PA? We also have PA in Active Active mode.Does A/P Webgui Cert process is same as Active Active PA?

MP18 by Cyber Elite
  • 5257 Views
  • 7 replies
  • 0 Likes

ShareFile upload 'blob'

Hi, I was wondering if anyone have been succesful in getting the actual file names of what is being up/downloaded to ShareFile? All I get is file name 'blob'. We do decrypt the traffic but my guess is citrix encapsulates the files making the names unreadable. Anyone? Thanks, Mikael

mgusta by L2 Linker
  • 3978 Views
  • 2 replies
  • 0 Likes

HA and Device Priority

HA active deviceUpon initial configuration the device with the lowest priority, value close to zero, becomes the active unit (default priority is 100). If two devices have the same priority value, the device with the lowest MAC address of the HA1 link becomes the active unit.Can someone give me real world example of when both FWs would have same...

scantwell by L4 Transporter
  • 11601 Views
  • 14 replies
  • 0 Likes

globalprotect stuck at "Retrieving configuration..."

OS info: openSUSE Leap 42.3 After installing globalprotect I tried to connect for the first time, but it seems to get stuck. After the inital warning messages, I continued as suggested in the manual: >> connect -p portal.vpn.broadcom.com -u tc912575 Retrieving...

ccin1492 by L1 Bithead
  • 20511 Views
  • 5 replies
  • 0 Likes

Upgrade from from 7.1.2 to 7.1.22

I have a question about the upgrade.If I want to upgrade PAN OS from 7.1.2 to higher version. <such as 7.1.22 or higher>Do i need to in-place upgrade step by step from 7.1.2 to 7.1.21 then 7.1.22. orI can upgrade directly from 7.1.2 to 7.1.22?

Resolved! OS-X and GP - Machine Start

Need some feedback. On Windows 10 this doesn't seem to be a problem but for OS-X (version 10.14.3 Mojave) GP doesn't connect on a reboot. It's saying the portal isn't available. I think GP is starting up before the the NIC and that's what's causing this. Does anyone have any pointers on where to look? We're running GP version 4.1.6.

20190129_090336.jpg

Resolved! Dataplane higher than usual. why??

Hi, We realised that the PA5050 (panos 7.1.12) dataplane has increased to 55% when it is always is at 28%. I would like to know why this increase is caused. I dont know how to translate this commands in order to have an idea about why is high the dataplane. show running resource-monitorDP dp0:Resource monitoring sampling data (per second):CPU lo...

IP address is Exempt from SSL decryption But traffic log shows decrypted

There is this Microsoft Application autopilot with tons of urls and destination IP addresses. I have created the SSL decryption Rule on Top for no decryption for all those IP addresses. When i see traffic logs it shows decrypted when i see url logs it shows no decryption for those IP's.Is this by design? I never saw like this before?

MP18 by Cyber Elite
  • 2302 Views
  • 2 replies
  • 0 Likes

Resolved! SSH to HA1 port - Password

Trying to ssh the active device from passive using HA1 IP address mparmar2@Lab-EOCDC-NGFW-1(passive)> ssh port 28 host 1.1.1.11mparmar2@1.1.1.11's password:Permission denied, please try again.mparmar2@1.1.1.11's password:Permission denied, please try again.mparmar2@1.1.1.11's password: tried the login pw do not work.need to know what is pw f...

MP18 by Cyber Elite
  • 4930 Views
  • 5 replies
  • 0 Likes

Resolved! Failover issues with Active/Passive

Hello, Using 3020 HA pair. We are currently having two issues regarding fail-over:Fail-over time from primary to secondary takes about two minutes. Fail-over back to the primary takes on average 10 minutes. This seems excessive for a production environment.Once failed-over from primary to secondary, our externally-facing websites become inaccess...

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks