This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

PAN HA Pair Shows Antivirus Mismatch But Are Correct On Device Page

Totally new to PAN...So I upgraded a pair of PA500s in HA to 7.1.17, and since then (I believe) the dashboard on each shows Antivirus Mismatch. When I fly over the "Antivirus Mismatch on either's dashboard, both show the active PAN as having the older version). However, on the DEVICE> Dynamic Updates tab both devices show 2861-3371 downloade...

PAN-OS Manual Upgrade

Hi All, I were tried to upgrade the PA-850 from PAN-OS 8.0.7 to PAN-OS 8.1.0. I have uploaded the image but it didn't list the image. Any input on this ??

gpsriram by L1 Bithead
  • 2456 Views
  • 2 replies
  • 0 Likes

Resolved! override traffic packet capture

Hi, all I have questions about Application Override traffic packet capture. Q1. when i enable App override, Overridden traffic is offloaded without reaching Dataplane. is it correct? Q2. Overridden Initial packet such as UDP when session setup is offloaded? Q3. I think any traffic that is offloaded can't do packet capture without disable hardwar...

hbshin by L2 Linker
  • 3344 Views
  • 1 replies
  • 0 Likes

Recommended PAN OS 8.1.3 or 8.1.4 ??

Hi All, What will be the recommended PAN OS for Perimeter firewall ?? 8.1.3 or 8.14 . I got the update from support team as 8.1.3 is not a stable but initially it was suggested by SC. Thanks in Advance

gpsriram by L1 Bithead
  • 2485 Views
  • 2 replies
  • 0 Likes

Panorama/Firewall performance

Historically, for a LONG time, we have created an object for every IP address and every port (for port based rules). Over the years, this has lead to our config being HUGE. Last tech support file from Panorama is 85MB. With thousands and thousands of objects, my opinion is that's contributing to the performance issues we see; the fact that al...

Resolved! Install MineMeld behind the proxy server

Having issue to install the MM behind the proxy, the IP address of MM is whitelisted for any proto/url in the proxy configure.While the installation is started thru the command sudo apt-get install minemeld I do see the requests from MM is comming to the proxy and the process of the install seems like goes well enought until at some points it f...

ust_lynt by L0 Member
  • 7485 Views
  • 2 replies
  • 0 Likes

Resolved! Question about url filtering response page

we have configured url filtering where certain categories are blocked and user get the response page.but under networkinterface management profile the response page is unchecked need to know how without checking the response page users are getting response page that certain site is blocked?

MP18 by Cyber Elite
  • 3365 Views
  • 1 replies
  • 0 Likes

Resolved! Cannot contact update server from public IP address interface

After click "Check Now" in "Dynamic Updates". Show the error popup as below linkhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkuCAC The above KB not apply to my case. As I not allow my management interface to reach internet.So I go to customize "Service Route Configuration", and set the Source Address of Service - "...

jeremylo by L3 Networker
  • 17450 Views
  • 10 replies
  • 0 Likes

IP to User mapping Format

Hi ! We configured Windows User Agent for the IP-to-User Mapping to apply the AD group based policy. User Agent is fine and IP-to-User lookup forwadred to firewall . But the problem in the user format. Some user's mapped in the format of netbios\username ( AD\user1) and some of the user's mapped in the format of dnsdomainname\username ( AD.ex...

gpsriram by L1 Bithead
  • 2874 Views
  • 1 replies
  • 0 Likes

PAN-88671

Hello, In PANOS 8.0.8 release, now can disable or enable the L4 checksum checking. How do I check if my 5200 firewall L4 checksum is enabled or disabled? How do I check if traffic is dropped due the L4 checksum? Thanks, E

Resolved! User Activity Report

Hello, I have generated the User Activity report, just wondering whats the count column in the report? Is that the number of time the user has visited the site? Also some category has 2 counts and browser time 0:00:00 what does that mean? Total time is showing: 7hours and 3 min. Does it mean the user spent that much time in all the categories? H...

Sample.png

Global Protect Client Certificate Issue

Hi teamHow can I implement in the Global Protect confuguration the use of client certificate and LDAP authentication as two factor authentication only for some user (or a user group) ? We had only rolled out private certificates from our PKI for some user that has access to sensitive services and these user should use their certificate as additi...

mtsadmin by L1 Bithead
  • 4675 Views
  • 8 replies
  • 0 Likes

Resolved! How to list all configured values for a template?

Is there a way to list all configured values for a given template? I have searched the tech docs and Community but can't find a good answer for this. Background: I inherited a Template Stack in Panorama, and one of the templates has an oddball naming convention and doesn't SEEM to contain any values at all (browsing manually through the screens ...

lwalcher by L1 Bithead
  • 14196 Views
  • 6 replies
  • 0 Likes

Resolved! Dual Firewall pair-True DMZ design

Hello All, I am looking for any helpful suggestions,recommendations,critics etc for my new firewall design implementation project.currently, we have a pair of 5020s facing the internet and having DMZs,Internet and Internal networks on them. My management would like me to implement a "True DMZ" with new 5220s for greater ssl decryption capabiliti...

Resolved! Two question HA

Good Morning I have two questions regarding the HA Fault conditions When I configure Link Monitoring and Path Monitoring in the Active Firewall Should I also configure these conditions in the same way in the passive Firewall? The "Heartbeats Backup" option must be enabled even if we do not have a backup link configured? Thank you! Regards!

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks