This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

Can a NAT IP be in my DMZ subnet

So I'm working through an IP migration when I thought of this question that I don't know the answer to and can't find an answer to with my Google skills. Is it possible to assign an IP from the DMZ subnet as a destination NAT? For example, if my DMZ were 1.1.1.0/24, could I assign 1.1.1.200 as a dynamic NAT IP for an internal subnet such as 10...

Lcroce by L1 Bithead
  • 4242 Views
  • 5 replies
  • 0 Likes

Resolved! 2 different portal configs on a single GP portal

Hello, I currently have external contractors using on-demand globalprotect to remotely connect into the network. I have a new request to enable handful of internal users to access a specific server on mobile phones remotely.if bought a GP gateway license, how can I make sure external users(Laptops) connect the same way i.e RADIUS( OTP) and new i...

Source User Information from Syslog push to PA

Hi we use Aerohive AP and from there i get syslogs at my Kiwi Syslog Server. Like this one:ah_auth: add new RT sta: MAC=xxxxxxxx, IP=10.100.100.20, hostname=xxxxx, username=xxxxxx on wifi0.7And now i need this information in the PA because there i only see in the traffic monitor the Source IP Adress from the AP and no Source User.How can i confi...

Resolved! NAT order in PA

Hi Experts, Can someone please assist on the NAT order considers in PA firewalls. Is it considered from top-down architecture or Twice NAT (NAT'ing both source and dest) takes precedence over source or dest NAT. ThanksSrinivasan

HD queries

Hi community, Which partitions are used to store the PAN-OS files? fw> show system disk-space Can unused PAN-OS files be removed from the CLI? Is there a KB available with information on how these partitions work, and what they are used for? Is there a way to access the shell mode from the CLI? Thanks.

ash83 by L2 Linker
  • 2781 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Forward Proxy Edge Browser problems

Hello,We have a problem at one of our new locations with the Edge Browser when using SSL Forward Proxy (PA-220).The problem is as following: When we activate the SSL Forward Proxy, the Edge browser takes very long and sometimes even disconnects when trying to open a normal webpage with TLS. Chrome, Mozilla & Internet explorer are OK. Certifi...

grafik.png

Got error while booting : NEW DISK CONFIGURATION REQUIRED

I had try to factory reset, but it keep showing warning : NEW DISK CONFIGURATION REQUIRED, then rebooting. ------------ NEW DISK CONFIGURATION REQUIRED ------------Please wait while the new disk(s) are setup.The system will reboot automatically when completed. Jan 23 15:13:17 Error: sysd_sync_connect(sysd_sync.c:210): connect()::(errno: 11 1) C...

Configure carrier data feed without dedicated router?

We are opening a new branch office and recieved notice that the carrier will not be providing a router and that it was our responsibility to perform the WAN to LAN routing.The carrier provided a layer 3 WAN block and a Customer Useable block containing 6 IP addresses.If I configure ethernet 1/1 with the WAN block IP address I can send/receive tr...

Network Activity "Report Error"

Hi all, I am new to the community and I was interested in learning more about Palo Alto. I wanted to ask about a Palo Alto 5250, PAN-OS 8.1.3 In the ACC section, tab "Network Activity" I do not receive information Only one "Report Error" message appears Any suggestions? Regards

Capture.PNG

Resolved! Specific Functions of each Cores in the PA

Curious to know when we run the show running resource-monitor we see below output core 0 1 2 3 4 5 6 7 8 9 10 11 As per my understanding cires do the packet handling as common thing among alldo they also have some specfic functions also?

MP18 by Cyber Elite
  • 2560 Views
  • 2 replies
  • 0 Likes

Vwire inbetween Cisco Asr router and Nexus 9K Switch

I am having trouble with the following. Cisco ASR router with IP of 10.1.1.5 plugs into Cisco 9K switch into port eth 1/3, eth 1/3 is configured the follwoing way. interface TenGigabitEthernet0/0/1 description LAS-9K-2 ip address 10.1.1.5 no ip redirects no ip unreachables no ip proxy-arp ip nbar protocol-discovery load-interval 30 cdp enableen...

markk96 by L3 Networker
  • 4107 Views
  • 3 replies
  • 0 Likes

Resolved! Block Skype File Transfer

Hi All, We want to block skype file transfer from our users. Checking on the application-list, I can only see Skype and Skype-probe.Here are my questions:1. Is there a future plan to add additional skype sub-applications (skype-video-call, skype-file-transfer, etc.)?2. Is there a work-around to block skype file transfer? Thanks and regards,

Redundant internet link config for 2 PAs at remote sites connected via L3

Hi, I have read a few articles regarding internet redundancy using a primary and backup ISP link on a single Palo but can someone please explain (if it's possible) how one might achieve redundancy using a primary ISP link on 1 Palo with failover to a backup ISP link on another Palo at a remote WAN site connected to the primary site via L3? Chee...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks