This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

Resolved! How to configure a specific event to be sent via email

Hi Guys,How would I go about configuring my PA to email me everytime another device with the same IP address of the Palo Alto joins the network, please? I didn't want anything else to be emailed to me, just that particular event. I remember I was able to see the "duplicate IP address" message on the logs but I am not sure how I would setup the f...

sonivEX by L0 Member
  • 3214 Views
  • 3 replies
  • 0 Likes

H/A Clustering Query

Hi, I have a query regarding H/A clustering, I potentially have a requirement for H/A clustering with 3 firewalls and not just 2 (i.e. Active/Standby or Active/Active). I believe that presently a 3 firewall cluster is not currently supported however I need to understand if this is something on PAN’s roadmap, possibly in 8.1?

Data Plane high PA - 5020

i have problem about data plane, and the TAC say : packet rate is high, but i cannot find, how much PA-5020 can handle packet rate maximum.i use command "show system statistic sessio" packet rate is 130K - 150K and dataplane 77% at 11:00 AM, but i see packet rate is 130K-150K and dataplane 85%my question is : what indicator can make dataplane hi...

Block recently registered domains

Is anyone successfully blocking domains that have been registered recently (last 30 days)? My testing has shown in the last three days, 380k domains have been registered. My PA-3020 capacity for External Dynamic Lists only supports a total capacity of 50k domains. Does anyone know of a better method to achieve this?

ASCIT by L2 Linker
  • 5368 Views
  • 5 replies
  • 0 Likes

Resolved! Download PAN-OS from GUI failing, potential MTU Problem ...

Ok folks Here's an interesting one for you. This is to do with connectivity between Panorama and updates.paloaltonetworks.com We can retrieve licence info and download list of updates available for downloads (SW and Threats), but when clicking on download link the connection fails with standard connectivity to updates.palo error, try again later...

nawaza by L2 Linker
  • 3921 Views
  • 3 replies
  • 0 Likes

Resolved! Zone protection show wrong severity

We are doing a lab and making test attacks and see if the PA can detect them, we have an interface in tap mode and it is doing the span, we did all the configurations in a PA-200 but when we lunch brute force attacks or sql injection, the logs shown in the "threat" section appears "informational" for the severity column when it should appear an...

RCastro by L1 Bithead
  • 3213 Views
  • 3 replies
  • 0 Likes

Dynamic NAT

We are moving NAT from the routers to the firewall (5050), the routers do not release the session's efficiently so we are constantly running out of IP's in the pool. Is there a rule of thumb for the number of IP's to sessions on a PAN 5050? We run at a consistant 250K sessions. I understand the 64k connections per IP but I have been burned with ...

GFN182 by L2 Linker
  • 2651 Views
  • 2 replies
  • 0 Likes

Best Practices of log filter

Hello, As a network admin, when user escalates that he cannot access some specify website, what's the best way to find the property log which was triggered by use's browsing activity? Of course we can apply filer as "username", but even though, we will still got a lot of logs in a very short time period. What's your best practice? Thanks

qd_056 by L2 Linker
  • 4681 Views
  • 5 replies
  • 0 Likes

Log forwarding, filtering and auto tag

Hi there I've played with this feature for a while on my own FW, but must be doing something wrong. I'm adding the log forwarding profile, and when checking the filter I make, I get many log lines. But I don't get any output in the DAG. I've tried with threat and traffic logs. Documentation is rather slim on this topic. Anyone done this with su...

gtomte by L3 Networker
  • 7692 Views
  • 5 replies
  • 0 Likes

Resolved! Filtering, Notification, Approval processing capability

Hello, In some use-cases, we may want to have the following features: Filtering - Maybe a list of search strings that if matched are excluded from the output Use-Case: URL lists for O365 are very messy, and sometimes we don't trust all the output given by MS. We may want to filter certain URLs from getting added to the output Notificati...

PAN OS 8 displaying multipe threat/anti virus versions

Hey folks. I don't know if this is intentional or not, but it's annoying as hell, and if it's configurable, I'd like to know hwo to fix it. Since upgrading to Pan OS 8 on one of my PA's (a 500), I've noticed that when I check for dynamic updates, I get multiple versions dispplayed - like the below Previous versions only displayed three - the cur...

threat_display.jpg
darren_g by L4 Transporter
  • 3331 Views
  • 3 replies
  • 0 Likes

CLI commands for Palo Alto configuration

Hi, Are there any CLI commands which we can use to assess all the checks listed in the CIS Palo Alto Firewall 7 Benchmark? For Example:Check : Ensure 'Minimum Password Complexity' is enabled Navigate to Device > Setup > Management > Minimum Password Complexity.Verify Enabled is checked. Is there any CLI command on Palo Alto Firewall dev...

Arti_K by L1 Bithead
  • 9214 Views
  • 5 replies
  • 0 Likes

Will an On-Demand configuration keep GlobalProtect from notifying me that it did not connect?

I've deployed GlobalProtect 4.0.3-31 to my lab machines. When I log in, I get notifications that GlobalProtect is connecting, and then that it is not connected. I'm not panicked because my portal is not available from my internal network. Will switching to an On-Demand configuration make these notifications go away?

Integrating Minemeld with TheMediaTrust

There is a current miner prototype for themediatrust, and the comment from the .yml file indicate that you need a valid TMT DTI API Key to use this Miner. How do you configure this DTI Key in the Config section from the New Local Protoype page? Thanks, John

jcornell by L0 Member
  • 2772 Views
  • 1 replies
  • 0 Likes

Palo Alto and Cisco ISE packet issues

Hi ive got an issue when a user connects on our VPN using the global protect client the connection will take nearly a minute to connect and in the backgroup create several failures on our Cisco ISE RADIUS server, before finally let the user connect. I have got calls open with both Palo Alto and Cisco support but i kinda feel like im not getting...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks