This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Resolved! Best Practices for PAN-OS Upgrade without downtime

Hello all, i have Active /passive firewalls how can i upgrade PAN-OS without downtime ?? 1-when i upgrade active , it will reboot then passive will be active .. 2- When i upgrade the new active is it will be back to old active again ?? what about OS mismatching is it have any impact on HA 3- If both devices will be for VPN ? Tunnel will be down ...

Failed upgrade

I tried to do an upgrade from 7.1.13 to 7.1.14 and it appeared to install fine, but the ports, all the ports, failed to come up again. So I rolled it back to 7.1.13 and it went back to working fine

jdprovine by L4 Transporter
  • 3780 Views
  • 6 replies
  • 0 Likes

Upgrade from 7.0.12 to 8.0.6-h3

Hi, I have checked the PAN-OS upgrade document and find it bit confusing. Using standalone device. Can someone please confirm if the following upgrade path will be correct? 7.0.12 —> download 7.1.0 —> Install —> RebootDownload 7.1.15 --> InstallDownload 8.0.0 —> Install —> RebootDownload 8.0.6-h3 —> Install —> Reboot Than...

Farzana by L4 Transporter
  • 4215 Views
  • 6 replies
  • 0 Likes

Resolved! Upgrading from PA500 to PA220

Sales team reached out to me recommending that we upgrade our PA500 to the PA220. We are a small company with a data pipe of 100MB. We do not have a lot of settings on the PA500. On an average we have around 1500-2000 sessions per the UI Home page. Looking at the ACC, I set it to 24hours and athe highest is around 22,000 (looks like about an ave...

jharlow by L3 Networker
  • 7794 Views
  • 7 replies
  • 0 Likes

PANGP Virtual Adapter Not Created

Hello, The company I work for uses Global Protect as their VPN (transitioning from AnyConnect) and I am having an issue after install. This is a Windows 7 PC, HP Compaq Pro 6300 SFF, and it does not create the PANGP Virtual adapter. GP version 4.00.02. I have not found an issue in the knowledge base so I am asking here instead. Any insight o...

RQinD4 by L0 Member
  • 2642 Views
  • 2 replies
  • 0 Likes

commit lock

Is it possbile to apply a commit lock prior to and upgrade and still be able to upgrade the OS?

jdprovine by L4 Transporter
  • 1762 Views
  • 1 replies
  • 0 Likes

User-ID with Azure AD

We currently use User-ID with an on-premise Active Directory server. We are planning on moving to Azure AD (not to be confused with AD services in Azure). Are there any plan on getting User-ID to work with AzureAD (web Auth)? What other options can I use to continue to use User-ID if we do not have Active Directory on premise? Thanks.

jharlow by L3 Networker
  • 10091 Views
  • 8 replies
  • 0 Likes

Resolved! Version 7.1 for PA-850

Is there a way of getting 7.1 onto an 850? Need to get new firewall into service soon, ideally managed by Panorama. Panorama is on 7.1 and it seems cannot communicate with the 850 as it has shipped with 8.0. Won't be able to get Panorama upgraded in time due to change control restrictions.Can deploy firewall as standalone and bring under Panoram...

Catchall DNS and Redirect to host

My old firewall was able to catch all dns requests from a zone and redirect them to a defined server. I cannot find a way to do that on the Palo Alto. Can it be done?

Use of computer ldap groups in source-user policy field on palo alto

We are attempting to use a computer based ldap group in the source-user field of a traffic policy on our palo alto 5020.At the moment that policy is being ignored, and subsequent policies based just on the same source ip group are being acted on.(if the source-user is set to any (removing group domain\wkstn_group) then the policy works)We have b...

dhirvin by L0 Member
  • 9381 Views
  • 10 replies
  • 0 Likes

Limit bandwith in untrust interface

Hi, I need to limit the bandwith in untrust interface. We replicate DB info to the Oracle cloud and we want to limit this traffic. We have 100Mbps bandwith, and we want to limit the Oracle cloud traffic 50Mbps max. So this is what i configured: Profile QoS: all the classes with 50Mbps max egress. QoS config eth1/1 is our untrust interface (100M...

Capturavpn3.JPG
Captura1qos.JPG
vpn2.JPG
tunel trafficshapping.JPG

Resolved! NAT from private to public

With PAN - if I have a client who wants to his a public IP address when their traffic passes through the inside/private interface - what would the NAT look like? E.g. say outside/untrusted IP address is 67.1.1.1 and NATs 1:1 to 10.10.4.5 which is reached via the inside/private interface for any port. Now a user at 10.10.40.47 wants to hit 67.1.1...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks