This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Adding address objects and tagging them via CLI.

In my network we tag certain IP addresses for various reasons on our Palo Alto's. Sometimes we will get a large batch of these that need to be done and manually creating an address object and then tagging it via the GUi can be time consuming (to say the least). I'm wondering if there is a way to add these object groups and tag them via the CLI. ...

Logging events from Panorama to SIEM?

What methods are available for sending events from a distributed palo alto deployment which have been aggregated in panorama...to a syslog server or SIEM product? I know how to send events directly from a firewall but would hate for all my remote locations to have to send the logs twice, once to panorama and a second time to the SIEM.In panoram...

MineMeld Service's Not starting after installation

Hello Discussion Board, I am installing MineMeld in ESX 6. VM was built with trusty-server-cloudimg-amd64.ova and has minemeld-cloud-init-0.9.10-1build1.iso connected to the CD/DVD drive. Every time I reboot the server minemeld does not start and the system says there are 2 available packages that can be updated. I added a screenshot of...

qos

Hi,What are the differnces between cisco qos and pa qos Thanks

simsim by L4 Transporter
  • 2257 Views
  • 1 replies
  • 0 Likes

Resolved! site-to-site VPN / no "IKE Info"

Hey, We have a couple of VPN's which have just been transitioned to the PA firewall. Under network > ipsec tunnels > the VPN status shows as up, but the "IKE info" shows as down, with no info. If I run: "show vpn ike-sa detail gateway" there is nothing listed. If I run "test vpn ipsec-sa tunnel" it brings it up and shows IKE Phase1 SA:Coo...

SARowe_NZ by L3 Networker
  • 10577 Views
  • 3 replies
  • 0 Likes

Resolved! QoS issues on dual-ISP setup with differing circuit speeds.

Hi- We have dual connections and have our Palo Alto set up similar to described in this article: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/59774 Our primary connection is 100Mbps whilst 2nd is only 10Mbps. Presumably this should involve 2 QoS profiles, one with ...

Share screen in skypeforbussiness not working

Hi, We are facing a strange problem with Skypeforbusiness. Two users are in a conference. When the user behind Palo alto tries to share the screen is not working, but when the remote user shares the screen is working. The error in skype is "Skype for Business: We couldn’t connect to the presentation because of network issues" In our PA is every...

dr1.JPG

Resolved! Is it possible to keep SIP calls from dropping when failing over between ISPs, or using ECMP?

I've heard of some SD-WAN providers that claim their devices will allow ISP aggregation and failover between ISPs without dropping SIP calls when one ISP goes down. Is this achievable without putting a SD-WAN device between our firewalls and the ISPs? At our site we have two ISPs, and currently are using PBF and monitoring to fail over between ...

uvdes by L2 Linker
  • 3438 Views
  • 1 replies
  • 0 Likes

Resolved! Add QOS for same source but different times & BW

We want to have different qos restrictions at different times for a single source ip. traffic from source to destination is over a tunnel. How can i achieve this, i can not assign multple qos profiles to same tunnel interface.

raji_toor by L4 Transporter
  • 5075 Views
  • 3 replies
  • 0 Likes

Mac connected in VPN doesn't work

Hi Guys, customer connected a Mac (OSX 10.13.2) using global protect and other vpn client (native and cisco), but i can't reach a remote server. Doing a packet capture i found the PA (pa-3020, 7.1.14) doesn't forward the reply packet.[Mac]--------->[PAN]--------->[Server] OK[Mac] [PAN]<---------[Server] PAN s...

DKanta by L2 Linker
  • 3239 Views
  • 2 replies
  • 0 Likes

Login BANNER variables?

Question. Does Palo alto have any variables that return the Devicename or Hostname? I want to create a Template in Panorama with the login banner settings and then push this out via a template stack to the devices. But I want each device to return their NAME in the Login Banner

PARKS by L0 Member
  • 2260 Views
  • 1 replies
  • 0 Likes

Resolved! Captive Portal settings

I am running Palo Alto Pan OS version 7.1.11 and need to adjust my captive portal settings. How do I disable or bypass the captive portal for particular networks. I have a guest network that I do not want any authentation and need to make sure the user is not bothered by a pesky captive portal logon.. Thanks

rmsdip3 by L1 Bithead
  • 4315 Views
  • 4 replies
  • 0 Likes

How to limit application or rule sessions

Hello. Let's going to say that I have the following scenario: - 1 remote server where can be connected just two users at the same time- Group of 3 users (Group 1 => user1, user2, user3)- Group of 3 users (Group2 => user4, user5, user6) I would like to allow just one user of each group at the same time, to do it I checked application overr...

m.molina by L1 Bithead
  • 2656 Views
  • 1 replies
  • 0 Likes

Resolved! FW's Not connected to M100, SSL failed to connect to panorama

We are on a test network with one Panorama m100 and two PA-5020s that are at 6.1.7 (there are reasons). they have not been modified lately but are showing disconnected after an attempted push. They show In Sync, for Shared Policy. Out of sync for templates. Last commit status is not connected. They were/are not an HA pair When i have tried the ...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks