This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

PaloAlto Managed Services Question:

I have a question pertaining to Palo Alto's Managed Services business. Does Palo Alto have its own Managed Services business where they service end clients directly? Another way of asking this is, does PaloAlto only use the partner channel to deliver managed services? I was curious as I am looking at PaloAlto and doing research to learn more....

CryptoRG by L1 Bithead
  • 4576 Views
  • 4 replies
  • 0 Likes

Layer 1+2 decisions for PA820 HA pair

This is my first time having the luxury of two ISP's and redundancy in all hardware - I was tryingt to research best practice for wiring the PA pair as active/passive router/nat - I found some mentioning of using port channels to achieve local redunancy, but I don't see much info on it, doesnt seem widely used. Please see image below about my th...

2isp_asr_pa820_6840_wiring.PNG
stoker by L1 Bithead
  • 3779 Views
  • 6 replies
  • 0 Likes

2nd default route

My PA already has a Default Gwy pointed to the current Internet provider. I got a new Internet provider and I'd like to test the Internet connection by only allow my traffic to go to the new Internet connection. What is the side effect if I add another Default Gwy pointed to the new Internet provider? Thx

jac101 by L2 Linker
  • 2956 Views
  • 3 replies
  • 0 Likes

Captive Portal doesn't redirect

Hi Community, I'm getting mad....I configured a simple captive portal in my testing environment with saysing: everything from host A to untrust with tcp-443 and tcp-80 will be captive-portaled - so far so good.I configured the captive-portal in the user-id area, did the interface profile settings, activated the user-id on the zones and configure...

Chacko42 by L4 Transporter
  • 4221 Views
  • 2 replies
  • 0 Likes

Source User Doesn't Show

Dears, I have a problem with uses coming from WIFI and non-joined domain the source user doesn't show and show a blank please find the image.I have installed the CA's for our domain and the PA put didn't work. Our infrastructure as shown below. Wireless Controller "Cisco Aironet 1850 Series Mobility Experss"

Infr.jpg
Capture.JPG

IPsec Vpn tunnel was down

PA-850- 8.0.6-h3 Customer complains IPsec was down how can i check it on gui sytem logs or via cli. Ihave checked the Moniter>system logs and couldnt find any logs related to "tunnel-status-down"Thanks,Ranji

Resolved! SMTP Relay failing after PA update

Hi, I just upgraded to 7.1.16 and since that point my Windows server can no longer make a SMTP connection to a mail relay service (outbound.mailhop.org) on port 2525. When I look at the Traffic log, I see the action as reset-both and the threat is "Fragroute Evasion Attack For Unknown-tcp Traffic". Presuming this is a false positive, what is th...

"Deactivate License" : Where did they go and how can I reuse them?

Hello everyone, Has anyone actually used the "Deactivate License" feature to unlicense a vm and then license another vm? My goal was to move licenses from a v7 vm100 to a v8 vm100 on new hardware.I successfully deactivated the license on one of my 6 VM-100's. It seemed to work, the serial # etc was removed from the single vm. Now that it is gon...

dbrenipc by L3 Networker
  • 3422 Views
  • 2 replies
  • 0 Likes

SSL decryption inbound issue

We've been using SSL decryption inbound for a while. In order to decrypt traffic based on DHE and ECDHE ciphers, we moved to PAN-OS 8.0. On 7.1.10, traffic with those ciphers were not decrypted but passed through. Now, on 8.0.6, we see drops. The decryption profile sets TLSv1.0 only as protocol, but we allow other protocol versions and ciphers (...

ACortes by L2 Linker
  • 7806 Views
  • 7 replies
  • 0 Likes

Issue User-ID Agent some user mapping long time

Hi Expert , I found issue about UIA which some user logon into network sometime IP mapping user long time or sometime not mapping I must use clear user mapping and every time and ip map user on AD , I would like to know why user mapping longtime or not mapping show unknow however , I config cache User Identification Timeout (min) 720 mi...

Shutdown/Disable MGMT interface due to DNS issues

Hi Guys, I got a simple question for you: Is it possible to literally disable/shutdown mgmt interface, via CLI or webUI, in a VM enviroment when is not needed? I notice a DNS issue after we have deleted the IP address assigned to the MGMT interface via cli with command:"delete deviceconfig system ip-address" Obviously we have made PA reachable f...

Resolved! PA-5220 HA Config Ethernet or Crossover Cables?

The first step seems a bit contradictory, just looking for some clarification. I have 2x5220s that I am setting up in HA Active-Passive mode. To cable the dedicated interfaces it looks like I just use regular ethernet cables, but the second sentence "Use a crossover cable if the peers are directly connected to each other." seems to contradict th...

mike406 by L2 Linker
  • 13185 Views
  • 8 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks