This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Catchall DNS and Redirect to host

My old firewall was able to catch all dns requests from a zone and redirect them to a defined server. I cannot find a way to do that on the Palo Alto. Can it be done?

Use of computer ldap groups in source-user policy field on palo alto

We are attempting to use a computer based ldap group in the source-user field of a traffic policy on our palo alto 5020.At the moment that policy is being ignored, and subsequent policies based just on the same source ip group are being acted on.(if the source-user is set to any (removing group domain\wkstn_group) then the policy works)We have b...

dhirvin by L0 Member
  • 9269 Views
  • 10 replies
  • 0 Likes

Limit bandwith in untrust interface

Hi, I need to limit the bandwith in untrust interface. We replicate DB info to the Oracle cloud and we want to limit this traffic. We have 100Mbps bandwith, and we want to limit the Oracle cloud traffic 50Mbps max. So this is what i configured: Profile QoS: all the classes with 50Mbps max egress. QoS config eth1/1 is our untrust interface (100M...

Capturavpn3.JPG
Captura1qos.JPG
vpn2.JPG
tunel trafficshapping.JPG

Resolved! NAT from private to public

With PAN - if I have a client who wants to his a public IP address when their traffic passes through the inside/private interface - what would the NAT look like? E.g. say outside/untrusted IP address is 67.1.1.1 and NATs 1:1 to 10.10.4.5 which is reached via the inside/private interface for any port. Now a user at 10.10.40.47 wants to hit 67.1.1...

Tail traffic in CLI?

Is it possible to tail live traffic in the CLI while running a grep (or match) for specific things? I would find this extremely useful.. Thanks.

Minemeld down - Can't log into UI "ERROR CHECKING CREDENTIALS - Bad Gateway"

Our Minemeld will longer let me log in via the user interface. The operating system logon works fine. When trying to log into the web interface I get "ERROR CHECKING CREDENTIALS - Bad Gateway" We are a Windows shop and don't really have any Linux skills to breing to bear on this. What do I need to do to resolve this? It is a production i...

DwightH by L1 Bithead
  • 22067 Views
  • 15 replies
  • 0 Likes

connectivity problem with GP

Users complain Global Protect vpn client performance problem. There is shown ping time more than 1000ms after I disconnect then reconnect there is shown less than 150ms. Below photo after and before connection via GP

image002.jpg
image003.jpg
Radmin_85 by L4 Transporter
  • 3028 Views
  • 5 replies
  • 0 Likes

DROP_UPDATE

Hi, I've just created a new node and I'm seeing events such us: DROP_UPDATE on aggregator type. Does anybody have an idea of what could be the issue?

Resolved! How to configure Vendor Specific Attributes to Radius/MFA server

Hello, I need article(s) that shows step-by-step instructions on to use Azure MFA (which is a RADIUS software) for Palo Alto admin authentication in their web interface or CLI for Palo Alto management.As of today, Palo Alto Management is without multi factor authentication (MFA) which is not ideal but it works fine and it is using LDAP for authe...

Farzana by L4 Transporter
  • 3289 Views
  • 1 replies
  • 0 Likes

Exchange emails stopped working due to zone protection profile

Hi All Emails from inhouse exchange server is not getting delivered to target email ID or either getting delayed . I have configured the secuirty policy with no security profile attached and the traffic is showing as allowed was suspecting that it might be getting blocked or dropped due to some security profile .once i remove zone protection pr...

Rameshwar by L3 Networker
  • 2376 Views
  • 2 replies
  • 0 Likes

Resolved! SonicWall to Palo Alto Migration?

Hello 🙂I am doing a migration from a Sonicwall device to a Palo device and I am not finding any migration tools that can help me. Does anyone know of a tool that will migrate from Sonicwall to PAN? I am at a loss of how to go about this without building it all up from scratch.

Roshawn by L2 Linker
  • 10718 Views
  • 3 replies
  • 0 Likes

UserID - nt authority\accesso anonimo

Hi guys, EnviromentPA3020panOS 7.1.11 -- UserID agent 7.0.4 I got issue with UserID that is currently receiving identites from UserID Agent.UserID has already mapped IP address with a specific LDAP user for example "domains.it\test".Sometimes happens that UserID starting to map the same IP address with this user: "nt authority\accesso anonimo (a...

Resolved! How to configure the firewall so that all traffic goes in and out through it?

Hello, everybody. I am configuring a VM-300 Virtual Firewall on a KVM installed in CentOS. The dedicated server where the virtual firewall is installed has two network cards.One of which connects to the Internet and the other with which it connects to a switch to which other servers are connected. My intention is for all incoming and outgoing tr...

DRAW.png
javihere by L1 Bithead
  • 2508 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks