General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

PA firewall can't properly reassemble fragmented packets if the traffic is asymmetric

Hi PA Expert,

We have a network environment that have an asymmetric routing and fragmented traffics.

Model: PA5060

PANOS: 8.0.6-h3

Method: vwire mode

No security profiles applied, no zone protection, no QOS, just single security policy that allow all.

...

CLI show session all filter - negation

Hello

I need to show all session with destination IP 2.2.2.2 from all my worstation but not from my 1.1.1.1

How to do that?

Negation using "!" doesnt work (works perfectly in GUI)

show session all filter source !1.1.1.1 destination 2.2.2.2

Regards

SLa

...

Resolved! I can't get IPs from output of minemeld in autofocus.

Hello,

I can't get IPs from output of minemeld in autofocus.

Please refer to the follwoing message and then give me any assistance.

I can see IPs when I enter the follwoing url on a browser.

https://0b2b72a3.paloaltonetworks-app.com/feeds/feedMCWithV

...

Resolved! Disable possibility of Commit

Hi, I want to know if there is some way to know if

In which scenario, we can guarantee that a PaloAlto device united to Panorama (For "x" reason) can give a COMMIT that involves a complaint from the Business Unit.

Or there is a button ("Disable" in Pa

...

Community Expert Verified

Resolved! Best Practices for PAN-OS Upgrade without downtime

Hello all,

i have Active /passive firewalls

how can i upgrade PAN-OS without downtime ??

1-when i upgrade active , it will reboot then passive will be active ..

2- When i upgrade the new active is it will be back to old active again ?? what about OS

...

Failed upgrade

I tried to do an upgrade from 7.1.13 to 7.1.14 and it appeared to install fine, but the ports, all the ports, failed to come up again. So I rolled it back to 7.1.13 and it went back to working fine

Upgrade from 7.0.12 to 8.0.6-h3

Hi,

I have checked the PAN-OS upgrade document and find it bit confusing. Using standalone device.

Can someone please confirm if the following upgrade path will be correct?

7.0.12 —> download 7.1.0 —> Install —> Reboot

Download 7.1.15 --> Install

Downl

...

Resolved! Upgrading from PA500 to PA220

Sales team reached out to me recommending that we upgrade our PA500 to the PA220. We are a small company with a data pipe of 100MB. We do not have a lot of settings on the PA500. On an average we have around 1500-2000 sessions per the UI Home page. L...

PANGP Virtual Adapter Not Created

Hello,

The company I work for uses Global Protect as their VPN (transitioning from AnyConnect) and I am having an issue after install. This is a Windows 7 PC, HP Compaq Pro 6300 SFF, and it does not create the PANGP Virtual adapter. GP version 4.00

...

commit lock

Is it possbile to apply a commit lock prior to and upgrade and still be able to upgrade the OS?

Audit Panorama Deltas

I should know this, but how to see deltas and the user name that committed them?

User-ID with Azure AD

We currently use User-ID with an on-premise Active Directory server. We are planning on moving to Azure AD (not to be confused with AD services in Azure). Are there any plan on getting User-ID to work with AzureAD (web Auth)? What other options can

...

Resolved! Version 7.1 for PA-850

Is there a way of getting 7.1 onto an 850? Need to get new firewall into service soon, ideally managed by Panorama. Panorama is on 7.1 and it seems cannot communicate with the 850 as it has shipped with 8.0. Won't be able to get Panorama upgraded in

...

Forward Youtube and Facebook traffic to specific WAN interface

Hi all,

There are any ways can be redirected or forward (use PBF) youtube and facebook traffic to secondary ISP (if we are running with dual ISPs)?

Thanks all!

Catchall DNS and Redirect to host

My old firewall was able to catch all dns requests from a zone and redirect them to a defined server. I cannot find a way to do that on the Palo Alto. Can it be done?