This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! 5220 - HA2 on 10GB Port

My organization purchased two 5220's to run in active/passive HA, but the VAR did not mention needing transceivers/cables for the HSCI ports, or the possibility of needing to use the HSCI ports for HA. I would prefer to not have to wait on a capital expenditure request to put this in production. Would we be fine using CAT6A on the 10GB ports for...

magates by L2 Linker
  • 5404 Views
  • 4 replies
  • 0 Likes

Stuck in Failsafe bootloader after reboot

I rebooted a PA-850 after installing a firmware update and it is now not responding. I managed to get on via OOB management and its reporting DDR3 CRC errors. Welcome to the PanOS Failsafe Bootloader. U-Boot 8.0.3.0-55 (Build time: Jun 13 2017 - 17:15:27) Octeon unique ID: 04c000814219f31e0344DDR3 SPD CRC error, spd addr: 0x51, calculated crc: 0...

welly_59 by L3 Networker
  • 3495 Views
  • 1 replies
  • 0 Likes

Dear PA re Active Active

Hi Lots of people say stay away I tried. BUT PALOALTO PLEASE DON'T ADVERTISE THIS AS A WORLING PRODUCT CAUSE IT AIN'T. to any one thinking of A/A please test and test again will fail over. Pull one of the HA1 or HA2 cable .. the system can't handle it. It should be marked up as BETA

Keep Username for Two-Factor-Authentication Global Protect

hey i am configuring two factor authentication,1) portal with certificate2) gateway with OTP i have noticed that i can authenticate to the portal with user "A" and than on the gateay i succesfully authenticated with the OTP of user B (username & password) the question is if we can enforce the authentication to teh gateway will be with the sa...

minow by L4 Transporter
  • 8724 Views
  • 8 replies
  • 0 Likes

Resolved! PA drop the connection for IPTV- no sound and video

I have IPTV at home.Rule is any app and any service bit i see that video has no pic and sound. PA logs traffic,url and threat does not show packet drop. then i removed all the security profiles and video and sound was working. is there any way we can check where PA is dropping the traffic for IPTV with security profile enabled? Mike

MP18 by Cyber Elite
  • 6261 Views
  • 6 replies
  • 0 Likes

show counter interface management multicast packets dropped

show counter interface managementInterface: Management Interface--------------------------------------------------------------------------------------------------------------------------------------------------------------Logical interface counters:-------------------------------------------------------------------------------bytes received 5098...

MP18 by Cyber Elite
  • 6604 Views
  • 7 replies
  • 0 Likes

PAN-OS 8.1.3 in production environment?

Anyone running 8.1.3 in prod? I have a change window to upgrade this weekend from 8.0.3 to 8.1.x as we wish to make use of the split tunnel by URL feature in GP, but reddit has filled me with some horror stories

welly_59 by L3 Networker
  • 4567 Views
  • 7 replies
  • 1 Likes

Resolved! Pan(w)achrome stats collecting?

Hello folks, We are going to be moving datacenter soon and changing our ISP. We plan to consider a 1Gbps Internet line coming in. Not sure of exact upload vs. download at the moment. In preparation, I am being asked to characterize our traffic, comparison, from a speed/bitrate perspective. It seems like Pan(w)achrome gives great stats, but ha...

OMatlock by L4 Transporter
  • 3704 Views
  • 3 replies
  • 0 Likes

Resolved! DOS protection alert test

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClL3CAK I am using the above linked KB to create DOS profile and policy for a particular server, but i have not changed the defaults as i donot want it start actioning on it right away. I have set the alarm rate to 1 and 2 connections per second for classified and aggregat...

raji_toor by L4 Transporter
  • 7364 Views
  • 8 replies
  • 0 Likes

Routing traffic from branch through HQ to vendor

Currently Im labing a situtation where I'll need to have branch users route to a vendor through HQ via IPsec tunnels. Users at my banch access can acesss Web/HQ services though the HQ firewall, but when accessing the vendor. Logs show from HQ the attempts to the vendor from the branch office. But nothing but incompletes/aged-out. From HQ, I do ...

example.jpg
k.truex by L1 Bithead
  • 4656 Views
  • 2 replies
  • 0 Likes

Monitoring VPN tunnel status

Hi, I would like to monitor VPN is UP using NAGIOS. I think its necessary configure tunnel monitor for this, right??? what are the options to monitor VPN is UP? and monitor config profile.

BigPalo by L4 Transporter
  • 3508 Views
  • 3 replies
  • 0 Likes

Log s for Firewall generated Traffic

Hello All - I am not seeing logs in the monitor section, when i generte traffic from Paloalto Firewall itself. For example, when I ping 4.2.2.2 from the Firewall, i am not seeing logs showing for. Is it a known behavior? or i missing something? is there anyway to capture the logs showing the traffic generated from firewall like SYSLOG, PING, SN...

How PA 5220 appliance sends netflow packet when configured in HA and Vsys Mode.

How PA 5220 appliance sends NetFlow packet when configured in HA and Vsys Mode. does the firewall find egress interface by looking into routing table for Netflow packets? If it is Yes, So why we need to change service route on PA 5220 appliance, Secondly, As appliance in HA pair so it sends statistics about active firewall only ?? Also would lik...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks