This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

How to find Zone for an IP address in V Wire mode

Hi Experts, Could you please suggest how to find Relevant Zone for an IP addresses in V Wire mode. Because in V Wire type , we don't configure IP address for that Interface, nor routing table is calcuated .Not sure, how to find the relevant Source/Destination zone(s) for an IP Addresses while creating Access rules. Everytime, I'm looking into...

Resolved! 5220 - HA2 on 10GB Port

My organization purchased two 5220's to run in active/passive HA, but the VAR did not mention needing transceivers/cables for the HSCI ports, or the possibility of needing to use the HSCI ports for HA. I would prefer to not have to wait on a capital expenditure request to put this in production. Would we be fine using CAT6A on the 10GB ports for...

magates by L2 Linker
  • 5332 Views
  • 4 replies
  • 0 Likes

Stuck in Failsafe bootloader after reboot

I rebooted a PA-850 after installing a firmware update and it is now not responding. I managed to get on via OOB management and its reporting DDR3 CRC errors. Welcome to the PanOS Failsafe Bootloader. U-Boot 8.0.3.0-55 (Build time: Jun 13 2017 - 17:15:27) Octeon unique ID: 04c000814219f31e0344DDR3 SPD CRC error, spd addr: 0x51, calculated crc: 0...

welly_59 by L3 Networker
  • 3451 Views
  • 1 replies
  • 0 Likes

Dear PA re Active Active

Hi Lots of people say stay away I tried. BUT PALOALTO PLEASE DON'T ADVERTISE THIS AS A WORLING PRODUCT CAUSE IT AIN'T. to any one thinking of A/A please test and test again will fail over. Pull one of the HA1 or HA2 cable .. the system can't handle it. It should be marked up as BETA

Keep Username for Two-Factor-Authentication Global Protect

hey i am configuring two factor authentication,1) portal with certificate2) gateway with OTP i have noticed that i can authenticate to the portal with user "A" and than on the gateay i succesfully authenticated with the OTP of user B (username & password) the question is if we can enforce the authentication to teh gateway will be with the sa...

minow by L4 Transporter
  • 8566 Views
  • 8 replies
  • 0 Likes

Resolved! PA drop the connection for IPTV- no sound and video

I have IPTV at home.Rule is any app and any service bit i see that video has no pic and sound. PA logs traffic,url and threat does not show packet drop. then i removed all the security profiles and video and sound was working. is there any way we can check where PA is dropping the traffic for IPTV with security profile enabled? Mike

MP18 by Cyber Elite
  • 6152 Views
  • 6 replies
  • 0 Likes

show counter interface management multicast packets dropped

show counter interface managementInterface: Management Interface--------------------------------------------------------------------------------------------------------------------------------------------------------------Logical interface counters:-------------------------------------------------------------------------------bytes received 5098...

MP18 by Cyber Elite
  • 6496 Views
  • 7 replies
  • 0 Likes

PAN-OS 8.1.3 in production environment?

Anyone running 8.1.3 in prod? I have a change window to upgrade this weekend from 8.0.3 to 8.1.x as we wish to make use of the split tunnel by URL feature in GP, but reddit has filled me with some horror stories

welly_59 by L3 Networker
  • 4495 Views
  • 7 replies
  • 1 Likes

Resolved! Pan(w)achrome stats collecting?

Hello folks, We are going to be moving datacenter soon and changing our ISP. We plan to consider a 1Gbps Internet line coming in. Not sure of exact upload vs. download at the moment. In preparation, I am being asked to characterize our traffic, comparison, from a speed/bitrate perspective. It seems like Pan(w)achrome gives great stats, but ha...

OMatlock by L4 Transporter
  • 3653 Views
  • 3 replies
  • 0 Likes

Resolved! DOS protection alert test

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClL3CAK I am using the above linked KB to create DOS profile and policy for a particular server, but i have not changed the defaults as i donot want it start actioning on it right away. I have set the alarm rate to 1 and 2 connections per second for classified and aggregat...

raji_toor by L4 Transporter
  • 7200 Views
  • 8 replies
  • 0 Likes

Routing traffic from branch through HQ to vendor

Currently Im labing a situtation where I'll need to have branch users route to a vendor through HQ via IPsec tunnels. Users at my banch access can acesss Web/HQ services though the HQ firewall, but when accessing the vendor. Logs show from HQ the attempts to the vendor from the branch office. But nothing but incompletes/aged-out. From HQ, I do ...

example.jpg
k.truex by L1 Bithead
  • 4601 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks