This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

PA 820 MM Fiber interface will not come up with WAN Provider

I have a palo alto 220, a switch with fiber port, and a palo alto 820 with fiber port. We use AT&T 1G fiber for wan connectivity. If a palo alto is connected directly to the MM fiber wan the interface will not come up. When a switch is used as a media converter, the fiber interface/sfp on the switch does come up, and using a copper connx ...

pstrazza by L0 Member
  • 3776 Views
  • 1 replies
  • 0 Likes

DMVPN router traffic through DMZ to trusted LAN

We are setting up DMVPN routers for on-demand VPNs from our remote sites to HQ. our DMVPN routers have the front end exposed to internet and the back end is on our special DMVPN DMZ. When the VPN is built from the remote site traffic from the site comes into the DMZ and needs to be routed through the PA (5050) to the trusted interface (HQ LAN ...

Resolved! GP 4.1.1 wanting me to downgrade to 2.1.1 as an "Update"

I haven't had this issue with any other 4.1.1 clients I have installed for my users. We have been slowly rolling out 4.1.1 while upgrading machines and replacing them with users. This morning when I came in to finalize a deployment GP 4.1.1 is now prompting me that I haven't heard from my users that this is happening to everyone so I am thinki...

wtf gp.png
nrhoades by L0 Member
  • 3429 Views
  • 3 replies
  • 0 Likes

Query on wildcard certificate

Hello, Our wildcard certificate doesn't have any SANs associated with it. Is this a requirement for usage of a wildcard cert?Can I use the same certificate for both web management and GP? Thanks in advance.

Farzana by L4 Transporter
  • 2989 Views
  • 2 replies
  • 0 Likes

Resolved! HA Connectivity between 2 Data center with Fiber connection

Dear All, Can anyone please help regarding an HA configuration between 2 different data centers far in distance from each other, and connected to each other using a Fiber link. is that configuration possible? how to do this over only one link between the 2 locations? Thanks,

Resolved! Check other Panorama admin accounts last login time

Hi, Please can someone tell me if there is a way to check the last login time of administrator accounts other your own account on Panorama (8.1.1) ? We have multiple administrators and need to be able to identify accounts which are not being used. I am aware you can check the last login time of the account you are logged in with yourself, but I ...

Dancourt by L0 Member
  • 5519 Views
  • 2 replies
  • 0 Likes

Resolved! downgrade from 8.1.3 to 7.1.16

I am trying to develop an upgrade path from 7.1.16 to 8.1.3 and i have a test PA220 that I am working with. I don't want to have to to a factory reset to my test firewall but so far it has allowed me to upload a 7.1.16 image, but they when i try to install it it give me the error" failed image wrong for platform" then my software file for 7.1.16...

jdprovine by L4 Transporter
  • 2362 Views
  • 2 replies
  • 0 Likes

Resolved! Site / urls you don't want to decrypt

Hi I have a set of decrypt rules 1 to no decrypt based on src addressor dst addressor url - the usl is from custom objects / url category where I add in url's lile *.lync.com then i do my decrypt line so the above gets hit first and then the decrypt I also notice there is device / cert management / ssl decrypt exclusion << which seems to b...

ssl decryption and temp cert management

Hi I ran into an issue with the decryption cert being provide by my PA it had expired. it was 30 days in. I believe this is an issue with the date time comparision and timezones as it has fixed itself today. How do i find / look at these temp certs via the clihow can i delete / renew or purge them from the cli A

Dynamic update error " Failed to upload image..."

While trying to push dynamic updates from Panorama to managed devices it is failing for some of the devices(PA-200)It gives an error " Failed to load image.."We have checked the licenses of the devices for which dynamic updates are failing and found that it is valid.Also the PANOS version of Panorama is 6.0.4 and the managed devices PANOS versio...

tac.in by L3 Networker
  • 7057 Views
  • 3 replies
  • 0 Likes

Rest API for CPU utilization

Hello, I'm trying to create a Rest API URL to check the CPU utilization on my management and data planes and create a report to monitor over time. Using commands like show running resource-monitor did not give me exactly what I was looking for. I used the <firewall ip>/debug and got the following XML: <response status="success"><...

ha sync issues

I am have trouble with intermittent synch failures between my primary and passive firewalls. I am currently at OS7.1.16 and TAC told me that to fix my sync issues I need to upgrade to 8, Any thoughts on this

jdprovine by L4 Transporter
  • 6163 Views
  • 11 replies
  • 0 Likes

Resolved! Vsys + Failover config (Urgent!)

Hi,I am very new to PaloAlto and currently trying to figure out the following: 1. is HA or Failover VSYS specific? 2. if so, how do I find failover/HA config per vsys?3. How do I setup failover/HA per vsys? the appliance i am using is PA-3020 software version 7.x. I will really appreciate your help with this. Kind regards,Ali

qasim02 by L2 Linker
  • 7495 Views
  • 7 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks