General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Factory reset on a PA-3220 that was part of an HA cluster

I have been working with Palo Alto support on our passive PA-3220, which can no longer boot up successfully. Power cycling the device doesn’t bring it back; it just keeps rebooting until eventually it ends up in maintenance mode. Palo Alto recommends performing a factory reset on the device and then restoring the device from a backup configurati...

Resolved! Software

Hello, We are currently using a Palo Alto PA-1410 running on software version 11.2.3. However, when we check for updates, the only version available is 11.1.4-h7, as attached. The Apps.Threats update is working correctly. Could you please let us know if this is normal, or if there is something we need to do to address this? Thank you for your ...

Palo alto_03122024.PNG
Palo alto_04122024_Threat.PNG
PAN-OS 11.2.PNG

Resolved! sorting question

How do I remove the sort by ascending/descending in tabs like vulnerability protection profile and in URL categories, I recently accidentally activated these features and they are quite annoying. previously the Custom URL category allow/block list was in a chronological order of when I added them to the list, now they are in alphabetical orde...

How to add palo to multiple device groups

I am deploying two new firewalls. I have clone the existing templates and created new template stacks. I am not adding the firewall to the correct device groups and they have two VRFs in use. The old firewalls are detailed as YGC-FW1 and 2. The new are YGC-Palo-DC1 and 2. I have added the new to one of the new VRF groups but now I am unable to a...

MAllen_2-1732535519089.png
MAllen_0-1732535447632.png
MAllen_1-1732535488196.png
M.Allen by L2 Linker
  • 1994 Views
  • 2 replies
  • 0 Likes

system resources snmp monitoring

Hello, We have sometimes occurencies of network outage because of particular trafic that leads to high load on packet descriptor and packet buffer on our PaloAlto PA-5220. We would like to snmp monitor the following values from the output of CLI command : show running resource-monitor packet descriptor (on-chip)packet buffer By using a monitorin...

SSL TLS

Can A Secured SSL And TLS Encryped Virtual Casino Can Be Decrypt To Get Any Sort Of Information Looking Throught

Resolved! PA-220 won’t get IP from ISP.

Hey, all. I have a PA-220 that I am trying to setup on my network. I connected it up and set up the layer 3 on it, then turned my router into an AP and lost all connectivity. Currently I have it connected to my modem on ethernet1/1, and As it is a residential connection obviously my IP is dynamic. I followed the dynamic configuration instruction...

Stop wsc files

Hi I know WSC is not on panos file types encoder list. My question is, how can i lower down download risk by using custom url filtering? How can i stop for example: Https://www.c.com/download/*.wsc?

chens by L3 Networker
  • 1013 Views
  • 1 replies
  • 0 Likes

syslog-ng 3.5.4.1 failure on boot

Hi, We have integrated syslog-ng 3.5.4.1 on a client machine which sends logs to server which is running syslog-ng 3.16.1, some times, I see below error at the boot up of our targetsyslog-ng[1762]: Error opening control socket, bind() failed; socket='/var/lib/syslog-ng/syslog-ng.ctl', error='Permission denied (13)'and logs will not be sent to th...

User100 by L0 Member
  • 3437 Views
  • 2 replies
  • 1 Likes

VPN Cisco concentrator/ISE - USER-ID log to PA

USER-ID log from VPN Cisco concentrator Dear Live community, how is everything going ? Have you ever had to do the following? We have to integrate a Cisco ASA, with Palo Alto, so that the PA receives from a Cisco ASA and/or Cisco ISE the users to be able to have mapper with USER-ID the users that connect by VPN. ( There is no global protec...

Metgatz by L4 Transporter
  • 6860 Views
  • 7 replies
  • 0 Likes

Resolved! HA Firewall Device Migration/Hardware Swap

Need to replace an HA pair of Panorama managed, currently deployed firewalls (PA-5220s) with a different pair of Panorama managed firewalls (also PA-5220s), with minimum/no downtime; device licensing is different between #1 & #2 pairs, necessitating the swap. Proposed procedure (detailed in attached picture)- Copy Panorama DG/Template for H...

Resolved! Remote VPN gateway - IKE intitiator drop on Palo FW

Hi all, so a weird issue.. i have a pa1410 with multiple VPNs all working happy days. I have one client with a linux software based FW (cant recall fw vendor) we are using same ike/ipsec settings both ends all is good.. if i initiate vpn (test vpn ike-sa gateway xxxx) from Palo side, the VPN comes up and all is working.. however if client initi...

PA_nts by L4 Transporter
  • 2915 Views
  • 6 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels