This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

Global Protect HIP Does Detect Firewall with New Apple MacOS Sequoia

Can you please provide some advise on this: Our client has an issue with the new Apple MACOS Sequoia The new Apple MacOS Sequoia seems to have changed some behaviour in how they check the local firewall. Currently Global Protect HIP does not detect if the local firewall is enabled. I have attached the information above. Apple Firewall:...

image.png
image.png
image.png
Salathiwe by L3 Networker
  • 9936 Views
  • 9 replies
  • 3 Likes

Resolved! Upload Panorama License Key via API

Hi, I'm running Panorama in an air-gapped environment. As it stands, I have to download the license key from the Palo Alto Support Portal and then manually upload the key to Panorama. Is there a way this can be automated? Does the API support this method? I can't find anything that suggests that it does. Kind regards, Carl

C.Stuart by L1 Bithead
  • 1512 Views
  • 2 replies
  • 0 Likes

Help me understand wildfire please!!!

I am having some trouble understanding the different wildfire options. Hoping someone can lead me to being able to understand. First of all - the wildfire profile itself:We have two sections - rules, and Inline Cloud analysis. What is the difference between these two sections? According to documentation: "The Advanced WildFire cloud operates a s...

VK9H13 by L2 Linker
  • 2998 Views
  • 2 replies
  • 1 Likes

Resolved! postRequest() error: 'Error: device proxy - cannot connect to web server'

We have had problems with the graphic interface of some 3250 units. The units respond to ping and allow CLI connectivity, however, when I try to load the graphic interface from a browser it indicates that it is not possible to load due to connectivity problems, which is not true since the unit does respond to ping and CLI. We tried connecting di...

aalfaro by L2 Linker
  • 3588 Views
  • 3 replies
  • 0 Likes

Custom reports problem

We have problems with creating custom reportsWe configured custom reports as we need pointing the time interval for one month but the report shows us only two last days of the previous month.i can also show you admin@PA-3020> show system logdb-quotaQuotas: system: 4.00%, 3.231 GB Expiration-period: 0 days config: 4....

image001.png
Radmin_85 by L4 Transporter
  • 4429 Views
  • 5 replies
  • 0 Likes

Resolved! NAT LOGGING

Hello, I am a newbie so please bear with me, I Have a very simple LAB with a Palo Alto firewall with 11.00 Ver and an internet connection.I know that to provide internet connection to the user i would need a Policy,default route and a source NAT. Lets suppose I dont have a Source NAT for the internet connection, how would I know that I am ...

ECMP With PBF

Hi, I have ECMP with PBF configuration for dual ISP. ECMP using weight 100 on ISP A and 200 ISP B. PBF rule user A to isp A, user B to ISP B. default routing to ISP using the same metric we expect that user A will go to ISP A, but in reality user A is expected to ISP A, but we saw on the log several user sometimes is still go to ISP B, even ...

Why would what worked in Sophos would not work with PA

Hello everyone, Trying to make my ubiquity unifi access points with multiple ssid tagged with their own vlan IDs work with PA. it worked seamlessly with Sophos but can't make it work with PA. I have one Ethernet port L3 configured with subnet DHCP, DNS and assigned to office zone. Acces points are connected to it via smart switch which is ...

Resolved! Error: Threat database handler failed (Module: device)

I got two devices 3020 and is running with HA Active/Passive.First, I have download and install "Application version 384-1877 (07/18/13) and Threat version 384-1877 (07/18/13)" on the Active device and I select Syns ... to peer.After that, I issue "request restart system" on the passive device.Next, when the passive device reboot sussesfully, th...

same subnet multiple VRs not working

I am trying to setup SDWAN, however this firewall currently has several Site to Site VPNS which causes an error on deploying site to site vpns. I am trying to setup a second WAN address to be usedonly for SD WAN. Currently my public ip is 2.2.2.2/24 on ethernet1/2. I converted it to a trunk vlan 2 (2.2.2.0/24) as the native vlan and the tagged v...

mmercald by L1 Bithead
  • 1513 Views
  • 1 replies
  • 0 Likes

How configure to receive email when an Importan action is required

Hello, From my colleague I have received the info about Upcoming November 18, 2024 Deadline for NGFW User-ID and Terminal Server (TS) Agent Certificate Expiration where I need to set and receive that Important Emails? is because I'm the responsible of all PA's Firewall on our organization but I don't know where subscribe to receive that ema...

S.Liloia by L0 Member
  • 875 Views
  • 1 replies
  • 0 Likes

Receiving too many alerts when a ISP or Tunnel link goes up or down.

Hello. I have a Palo Alto PA-440 We have enabled path monitoring for our ISPs, with the destination address/monitor IP set to 8.8.8.8. The ping interval is set to 3 seconds, and the ping count is 5. Additionally, we have configured and enabled system email alerts for the severity level "Critical". As soon as any of the ISPs is down or the route ...

System-log-test --1.png
Rehaman by L0 Member
  • 1196 Views
  • 1 replies
  • 0 Likes

PA- Security Policy Destination as FQDN issue

Dear Community, I am facing an issue were the i have post security rule allowing the access to some FortiGuard URLs, on the other hand i am have a default deny rule with reset-both action right above to the interzone & intrazone policies. What actually happening is the traffic will hit the allow policy and right after will hit the default...

Unable to access HTTP & HTTPS

When I switch from passive to active, I can't access the application via http and https. But I can ping and telnet the application via port 443

thanhlb by L1 Bithead
  • 2427 Views
  • 8 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks