This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! netflow behavior

Is the session is long live ( some applications like nfs,panorama) will start and last till 1 month.As we have configured log at session end, the log entry will be created once the session is ended.However we have configured netflow as well.Netflow is also reporting data to netflow server once the session ended on firewall ( which is 1 month lat...

Resolved! Help understand TAP mode

Hello,sorry for a dumb question but I am new to PaloAlto and I would like to understand the TAP mode on a physical PA firewall. We have Cisco Catalyst 6509 switch running in 1 of the offices as a core. PA firewall is used for users' internet traffic and it is directly connected on that switch. We need to find a way to mirror traffic going throug...

Panorama PAN-OS 8.0.8 and always highlighted (Green) Commit button

I have recently upgraded Panorama from 7.1.x to 8.0.8. Although there are no changes and all firewalls are "in sync" for the configuration, the Panorama "Commit" button is Green/Highlighted. Is there anyone using Panorama with 8.0.x and seeing the same behavior? Until 7.1.x, the green/highlighted butting always meant pending config push/non sync...

Resolved! PAN-89471 userid causes firewall to reboot ?

I am considering upgrading from 8.0.x to 8.1.x, but this issue seems like it might be a show stopper. In 8.1.x known issue PAN-89471 "Firewalls reboot because the userid process restarts too often due to a socket binding failure that causes a memory leak. Workaround: Terminate the process that is using port 5007." This seems to read "userid caus...

mike406 by L2 Linker
  • 3652 Views
  • 3 replies
  • 0 Likes

Palo Alto firewall generates SSL version / cipher suites errors

Hi, i have a very strange issue. I have a webserver protected by a palo alto NGFW, if i disable inbound ssl inspection policies everything works fine and i can access the server as intended. However when i enable the inbound ssl inspection policy, with the proper certificates imported in the NGFW, i always get SSL version/ Cipher suites errors ...

tombarat by L1 Bithead
  • 4616 Views
  • 4 replies
  • 0 Likes

Dynamic Update from Panorama doesn't work

I want to use Panorama to perform dynamic updates for the "Antivirus" and "Applications and Threat" sections.On remote firewalls, I configured Panorama as the update server.I also scheduled the automatic update via a template.In Panorama, I have the latest versions of "Antivirus" and "Applications and Threat" installed. However, they are never d...

Resolved! Rule allowed but policy-deny?

Hi, We have something strange in our firewall. We have a client/computer with Sonos software and the software need to update. When we click update in the software we get a message that something is wrong. So I checked our firewall and in the monitor I can see that the update needs to get pulled from akamai and it is denied. So I created a rule t...

ZEBIT by L3 Networker
  • 5417 Views
  • 2 replies
  • 0 Likes

Why is this traffic allowed when the rule should not allow it?

I am tidying up some rules that were "rush" jobs as part of the initial deployment. One rule "TEST-VI" was SRC ZONE - TRUST DST ZONE - PartnersDST Addr - I%%%%%A-VIPApplication - Any I was going to get rid of this as there is another rule after it with "Service 20,988,5678" which would be a better match. But when I looked at the tracffic for th...

palo.jpg

Resolved! PA200 commit failed (file size limit)

Hi, We are running commit from panorama to several PA200. Commit is failing, the reason is "Wildfire size limit" but we havent changed any value in Wildfire. If we restart management plane and run the commit again is working, the commit is done.PanOS is 8.0.9 Why are we having this commit error??

Resolved! How to configure URL Filtering SSL site

Hi all, I have a question regarding URL filtering. I set up URL filtering in Security Profiles to "Alert" for Google Tag Manager. Test and work with the browser access to "https://www.googletagmanager.com/". When I use Wireshark to capture packets, why do I see only packets ssl negotiations "clent hello", not responsed "server hello". However, ...

Resolved! DHCP server relay service down from Palo Alto monitoring

We are using DHCP server relay in Palo Alto provide IPs to network.We have faced issues aboutpalo alto stopped processing DHCP relayIt was not shown in system logsIt was shown in dhcpd.logs ==Warning: pan_dhcpd_cfgagent_initial_config_callback(pan_dhcpd_cfg.c:1902): pan_dhcpd_cfgagent_initial_config() failed2018-05-13 14:44:35.441 +0200 Sending...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks