This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

LDAP Auth to WebUI if Directory Server is not reachable.

Just throwing this out there to see if there is some solution.We want to enable LDAP auth to our PA's for our admins. I have the Auth profile configured and working well as long as the directory server is up.In the odd case that we have a system failure of the LDAP directory server or a firewall rule inadvertently gets removed that blocks acces...

HELP: How to block access to any site except those on a whitelist...

Hi, On a certain Zone I need to block access to anything else but these URLs on a whitelist like this: edition.cnn.com/healthedition.cnn.com/travelmoney.cnn.com/technology/ How can I do that most elegantly (I have a VM-100 with latest PanOS) Thanks a lot for a quick reply on this, I have tried with URL filtering but to no avail... Tor

Resolved! Dual ISP with load balancing

We have a VM-200 firewall. We use this as our guest firewall. We wish to load balance all traffic between two ISPs, both 200Mbps down/40Mpbs up. We have one /19 subnet for all clients. Please let us know if we can do this with the firewall, or do we need an external load balancing device. Thank you, Scott

ssassin by L1 Bithead
  • 5924 Views
  • 2 replies
  • 0 Likes

Palo Alto upgrade and download fail

Hi Everyone May I ask one question for the appliance upgrade and system error message. My appliance cannot install the any version PANOS even i tried install same version, ( current version is 8.0.7 )it always sent me the message as belowalso i tried downgrade to base img ( 8.0 ), system still display same message already.finally i tried reboot ...

1526038806034.jpg
1526038806034.jpg
TysonLiu by L2 Linker
  • 3932 Views
  • 3 replies
  • 0 Likes

Resolved! Run MineMeld over HTTP

I'm in the process of running multiple MineMeld behind a server load balancer. I want the backend MineMeld servers to run the application over HTTP. The reason for this is I want to offload SSL from the servers. Currently, nginx redirects HTTP to HTTPS. What would I need to do within the nginx configuration file to stop the https daemon and ha...

nopsled by L0 Member
  • 12467 Views
  • 8 replies
  • 0 Likes

Resolved! Platform Upgrade to 3200 and 5200 series platforms

Lately a few customers are planning an upgrade from 3000 to the new 3200 and 5200. Often they run 7.1.x and the new platforms only support 8.1.x. Normally these are high sensitive environments and the request is to shift the existing configuration with as little change as possible to reduce impact and upgrading the old firewalls before the upgr...

BatD by L4 Transporter
  • 5546 Views
  • 8 replies
  • 0 Likes

Resolved! I am unable to view traffic in monitor

I notice today with our Palo Alto devices. I can no longer monitor traffic on the monitoring tab using either the Traffic or URL Filtering options. I’m getting an error that states “Invalid XML response from server”. Do you know of a quick way that I can resolve this issue.

Resolved! Where does Critical Issue List go?

Hello Palo Alto, I was using following link to check critical issues.https://live.paloaltonetworks.com/t5/Integration-Articles/Critical-Issues-Addressed-in-PAN-OS-Releases/ta-p/52882 I can't access to it anymore. How can I collect the latest critical issue information?Do I have to open a ticket every time I want to know? Regards,Emr

emr_1 by L6 Presenter
  • 4311 Views
  • 4 replies
  • 0 Likes

Resolved! Captive-Portal Error with MP Software Process 'keymgr' and 'l3svc' Problem

Model : PA-500OS: 6.1.13Captive-Portal/GlobalProtect are used Hi. I've got some issue from my customer about Captive Portal Issue. The customer said, the Captive-Portal authentication screen, couldn't be seen for few days,even if portal page open, like google, or other starting web-page, they couldn't access to other link with errors. So I'd tri...

error-message.PNG

Upgrade for HA Pair

Hello, i am looking for some guidance on upgrading a non panorama setup of an Active/Passive HA pair of 3050s. They are running code 7.1.6 and we would like to move to a later/latest release of 7.1.x i have searched around but can only find a guide for using Panorama under the upgrade best practices. is there another guide available which deta...

Resolved! Recommended stable release for PAN-OS 8.0.x

Hi, I am planning on updating PAN-OS on our Panorama virtual machine and our two firewalls and would like to know what the most stable release for PAN-OS 8.0.x is? Any help with this query would be greatly appreciated.

Resolved! nt-autorität\anonymous-anmeldung

Hello Guys,I have sometimes a problem with the user identification on the PA500. Our Users can only browse the internet with your AD-User. Sometime the User is lost on the PA. The User "nt-autorität\anonymous-anmeldung" is used? Why? How can I find a solution? Thanks cuWolfgang

Dual WAN (ONE ISP and MPLS link)

Hello All, Need your help/guidance on the following requirement We have 2 WAN links, One ISP with Static public IP and MPLS connection for Internal server access. Requirement: 1) All the Internal users (Trust Zone) has to go through ISP Wan for Internet access 2) Secondaly, to Access Internal Web application servers Hosted...

Sharan.k by L0 Member
  • 2759 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent exclusion list

Hi All Is it good practice to exlude all server subnets in exclude list as I believe we are not interested in administrators to IP mapping for servers? What could be the user cases for exlcude list on firewall and user-id-agent?

Resolved! User-ID based policies exclusion

Hi I want to enable user-id features in all security policies. But I have a question, from users to Domain controller, I should not use user-id feature? as firewall does not know about user-ip mapping untill users are login to domain controller?Also on which security rules, I should not enable user-ID?

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks