This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 486 Views
  • 0 replies
  • 2 Likes

Resolved! IPSec Tunnel performance tips?

Hello folks,

 

I've seen a this article about improving performance by enabling this Adjust TCP MSS.  Ours is not enabled.

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Improve-Performance-for-IPSec-Traffic/ta-p/53301

 

Would this be ena

...

ipsec_performance.jpg
OMatlock by L4 Transporter
  • 4672 Views
  • 1 replies
  • 0 Likes

debug Palo alto firewall rule

we maintain one PA security policy rule and give ip 192.168.0.11 to access server UTP01, the user is using ip 192.168.0.11, and he can't access the server,  we can't find any security log for this. may i know how to debug this rule?

palolili by L0 Member
  • 2183 Views
  • 2 replies
  • 0 Likes

Firewall analyzers

Can anyone let me know about their experience with firewall analyzer tools?  I work at a university and we have 20 PANs, but we're expanding to new campuses in a few cities in the US and one in Italy.  It's going to be tough to manage double the numb

...

Global protect timeout

Here is a peculiar situation.

 

We have some field users who use their hotspot to connect to global protect. Sometimes,they  loose internet intermittantly for couple of minutes so they are being kicked out of vpn session on their machine. But in fact f

...

Source Translations

I'm trying to find out how to get all the static source translations for a perticular subnet on our Pan 7050. I'm trying to make a spreadsheet to keep up to date static ip's being used. Can do such a command cli on the Pan. I was able to do on a Cisc

...

Resolved! GlobalProtect Inactivity Timer - is HIP Profile required?

So in the configuration of GlobalProtect ( v8.0.5, under Network > Globalprotect > Gateways > (gateway name) > Agent tab > Timeout Settings)  There's an 'inactivity logout' setting, that has a description of 'Users are logged out of GP when the gatew

...

Multiple ISP PA5250

Hi 

I have been asked to purchase a new PA 5250.

It will potentially have 20GB throughput to the internet.

i am looking at an active active setup, with Aggregate interface inside to each FW.

On the Outside i have been asked to connect to 4 x ISP 5GB Band

...

Resolved! Site to Site VPN Tunnel - NAT

Hello everbody,

 

I am most likely struggling with a NAT problem in a site to site VPN tunnel, hoping you have an idea or tip to this topic.

The setup is a site to site VPN tunnel between a PAN and a Cisco ASA.

There is a host (172.16.2.20) behind the PA

...

Resolved! PaloAlto WAN Interface segmentation

Hello

 

Please help me in this scenario

 

There is the big "Company Site" and the other branches point to this Site, there is an MPLS connection between the branches.

Our need is, the PaloAlto supports segmentation on the WAN part ? can we create a sub-in

...

VRF WAN.jpg

candidate configuration

Hi,

What is candidate configuration and what is the purpose of candidate configuration ?

What is the differnece between save candidate configuration and the save using the button on the top right corner ? 

What is the differnce between save candidte con

...

simsim by L4 Transporter
  • 3096 Views
  • 4 replies
  • 0 Likes

Resolved! Can Palo Alto firewall act as a SCEP server

I would like to generate a SCEP request that I want to have signed by the CA on the Palo Alto firewall.  I have beel looking at the documentation and asking my buddy Google, but have not found a way to do this.  I am thinking this is not supported.  

...

  • 23709 Posts
  • 110 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks