This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Doubt about 8.1 version source-user logs

Hi, I just upgraded my firewall to 8.1.0. I was checking the log and i see that now the "source user" in log traffic is the full name machine with $, not the AD user. Before 8.1 was: domain/john.englishNow is: xxxx.dom\PCfullname$ Why??? how can we continue using "acme\user"??

Resolved! autocommit fail : Total NAT DIPP exceed

Hi all, I found the issue after upgrade Palo alto from PAN-OS 5.0-6.1.0 when to 6.1.0 auto-commit faile and show messages "Total NAT DIPP translated IP 804 exceeds the capacity of 800 " My model PA-5050 so, I would like to know this issue occur?

Palo alto static routing issue

Hi, We are configuring a new routing scenario but we are expecting problem taking the correct route. This is our static route table: destination interface gateway metric 10.50.1.0/24 eth1/1 10.50.250.1 110.50.2.0/24 eth1/1 10.50.250.1 110.0.0.0/8 eth1/5 10.50.50.4 10 If we run a "test rou...

BigPalo by L4 Transporter
  • 10215 Views
  • 19 replies
  • 0 Likes

test security-policy-match application ping -> Server error : argument protocol is required

Hi, I am trying to test ping from zone A to zone B using 2 hosts IPs which belong to their respective zones.What is the correct way to specifically test application ping? fw1(active)> test security-policy-match application ping from from zone_1 to zone_2 source 192.168.1.1 destination 192.168.2.1Server error : argument protocol is required Pi...

ash83 by L2 Linker
  • 4393 Views
  • 1 replies
  • 0 Likes

SYSTEM ALERT : critical : fail to integrate the update of registered ip addresses since 61 seconds

Greetings I am not sure if anyone has come across this alert SYSTEM ALERT : critical : fail to integrate the update of registered ip addresses since 61 seconds on a regular basis? If yes, can someone please shed some light on what is causing this issue? When this alert was seen for the first time, I went on to restart the user-id agent as ...

Resolved! How many IPSEC VPN peers can PA-5220 handle ?

Hi All, We are having a scenario where we are supporting various vendors through IPSEC VPN and we were using Cisco ASA 5585-X for that.The problem is we are nearing the 4000 total active tunnels now and ASA is facing some issues handling that much tunnels, so we are thinking to migrate these tunnels to PA-5220.Now when I reffered to the data she...

Resolved! Policy Based Forwarding

Hello, i want to use policy based forwarding to forward all Traffic out via a specific next hop except private address ranges, When i negate the private address spaces the rule just shows these lined through, so it will not policy base route for these, it does not show ANY though without a line? I have shown this in attached screenshot. is t...

PBF.jpg

Resolved! Plz urgent help in Bridge+Tap mode

HelloI just need a confirmation if i can configure a TAP interface + 2 bridges interfaces, and make 2 policy rules, one for TAP and the second for the bridge, in order to generate logs for TAP and bridge traffic at once, that is possible? Thanks

Resolved! Creating a duplicate network?

Hi folks, I am being asked to create a duplicate network that will service VM clones of production VMs for testing and development purposes (without changing their IP or anything else). We have something similar at a different site using "transit" zones and individual NAT rules (that I did not configure), but this task is a bit different from t...

replica_diagram.jpg
OMatlock by L4 Transporter
  • 3882 Views
  • 3 replies
  • 0 Likes

Resolved! Global protect high availability

Hi Techie, Am deploying global protect in 4 different region, based on regions they will be getting connected to appropriate portal. if the appropriate location portal is down then they have to come to DC portal, how do i achieve it ? FYI, Am using prelogon based authentication and i have machine certificate verification for the identity check o...

HELP - Computers with two network adapters

Hello, I have a network with a few computers with two network adapters NIC1 to the main netwrok 1.1.0.0/16NIC2 to the backup network 1.2.0.0/16 We are detecting the lost of connection every few minutes. It's necesary any special configuration to allow this arquitecture? Thanks

m.molina by L1 Bithead
  • 3067 Views
  • 2 replies
  • 0 Likes

Resolved! Incorrect QoS Configuration Caused Network Traffic Outage

Quick design question Community. The setup is a core switch that terminates a Palo Alto for WAN and then a private circuit for internal resources back to a core in a different location. In the event they lose the WAN circuit, I need to route all the internet bound traffic back through the private circuit. I was going to treat it like a Dual ISP ...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks