This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

PANOS-8.0 broke IPSec XAuth VPN?

Hi, After I upgraded to our PA-3050 to PANOS-8.0, ios and android native clients (using ipsec xauth) don't work anymore. These clients can authenticate successfuly and get a valid IP from the gateway ip pool. But after this they can't access anything. There is no traffic logs shown with the vpn ip either. Anybody using 8.0 can test if ipsec xau...

Resolved! Miner for host file format.

Is there a miner + documentation on how to get it working for a host file list? i.e. https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts This tool was recommended by Palo Alto for a project we are working on, howver the documentation on how to actually use it is hard to understand.

Slow Traffic

Hi,PA in vwire mode , zone client and zone serversIn zone servers there is a print server(windows) and the zone client users pc .Users are trying heavy duty printing (50-100) pages .User complaining about slow operationsHow can I verify pa is bottleneck or making some issuesdata plane is seems to be okThanks

simsim by L4 Transporter
  • 6721 Views
  • 13 replies
  • 0 Likes

PCNSE 8 exam

Hello.I dont know whethet it is right place for this post but i didnt get where else i can ask this questionI want to get PCNSE 8 certificate.I am looking for materials for studing.I only have Exam study guide and admin guide and videos from youtube and etc.I have 6 months of experience with Palo Alto.I got the ACE certificate and other online c...

Radmin_85 by L4 Transporter
  • 7462 Views
  • 4 replies
  • 0 Likes

Attributes monitored in the VMware Environments (match criteria)

I can't find information about syntax of attributes in the VMware (vCenter or ESXi). I can see something here but not much . Few examples of match criteria here and that's it. I've added dynamic group g-vcenter with with i.e. filter: 'guestos.Red Hat Enterprise Linux 6' and it doesnt show anything . How do I debug these VM-information sources ? ...

niuk by L3 Networker
  • 2545 Views
  • 2 replies
  • 0 Likes

Resolved! Can Processor nodes put IPv4 addresses in order and in new ranges?

I find myself wanting processor or output nodes to aggregate IPv4 addresses into new ranges and in order. Since some Palo boxes have a limitation of 50K addresses in a Dynamic List Object, it would help a lot to make my outputs fit in there. Especially since I find myself in front of an output that looks like this in some parts: 108.62.56.100-...

PA-850 Default MTU

I've had nothing but issues with our 850 HA pair since we've put them in production replacing a pair of 3020s. My previous thread here: https://live.paloaltonetworks.com/t5/General-Topics/PA-850-amp-Radius-PEAP/m-p/189233#M57311 detailed the initial main issue. The 8.0.6 firmware fixed a small portion of our radius issue, but the main fix wa...

VPN passthrough

Hi, we're experiencing issue with site-to-site connectivity since we installed PAN firewall in the network few days ago. There are many IPSec (ikev1) tunnels configured between endpoints on the internet and Cisco VPN concentrator (ISR 4k router) behind the PAN firewall. Only 2 specific sites can't establish IPsec connection anymore since PAN has...

jerryv by L1 Bithead
  • 7319 Views
  • 9 replies
  • 0 Likes

Is anybody else reporting AD issues after upgrading to PAN OS 7.1.14

Hi PA Members, So far, seems to be there is only one person having AD issues after upgrading to PAN OS 7.1.14 (https://live.paloaltonetworks.com/t5/General-Topics/PAN-OS-7-1-14-AD-issues-after-update/m-p/191745), the same member also reports PA being aware of this issue and correct it on the next release PAN OS 7.1.15. We would like to avoid ha...

PA firewall can't properly reassemble fragmented packets if the traffic is asymmetric

Hi PA Expert, We have a network environment that have an asymmetric routing and fragmented traffics. Model: PA5060PANOS: 8.0.6-h3Method: vwire modeNo security profiles applied, no zone protection, no QOS, just single security policy that allow all. Already applied this setting to allow asymmetric: set deviceconfig setting session tcp-reject-non-...

CLI show session all filter - negation

Hello I need to show all session with destination IP 2.2.2.2 from all my worstation but not from my 1.1.1.1 How to do that?Negation using "!" doesnt work (works perfectly in GUI) show session all filter source !1.1.1.1 destination 2.2.2.2 RegardsSLawek

_slv_ by L4 Transporter
  • 4380 Views
  • 4 replies
  • 0 Likes

Resolved! I can't get IPs from output of minemeld in autofocus.

Hello, I can't get IPs from output of minemeld in autofocus. Please refer to the follwoing message and then give me any assistance. I can see IPs when I enter the follwoing url on a browser. https://0b2b72a3.paloaltonetworks-app.com/feeds/feedMCWithValue-Malware-IP vsys1/ActiveCampaignsIPv4: Next update at : Mon Jan 29 12:03:25...

Resolved! Disable possibility of Commit

Hi, I want to know if there is some way to know ifIn which scenario, we can guarantee that a PaloAlto device united to Panorama (For "x" reason) can give a COMMIT that involves a complaint from the Business Unit. Or there is a button ("Disable" in Panorama) that will help us with something similar and only enable when something specific is requi...

RCastro by L1 Bithead
  • 4742 Views
  • 4 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks