General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Issues with netflow.

We are having issues getting our information from our PaloAlto 5020's. It looks like it is sending but we do not have any chartable information on either of our netflow servers. We are using Solarwinds Netflow Traffic Analyzer as well as What's up

...

Best Solution for New Design

Dears,

first time for me write in PaloAlto forum I hope to find my answer here.

first, we have purchased PaloAlto 3020, and need the best design for the network securityز

My network content "1" switch L3 and "2" switches L2

and we have VLANs for use

...

(DUP!) when pinging from the firewall

Hi guys,

Strange issue here which I'm hopeing to get resolved. I was SSH'ed into the our PA VM-100 today and happened to run the command >ping host 8.8.8.8. This resulted in 100% (DUP!) replies on the ICMP replies. However, when I specify the sour

...

Resolved! Panorama configuration logs

When making changes to firewalls through panorama, there is a history of those changes made. When you go to the dashboard there is a widget that shows the last handful of config changes, so I know they are there. Where in panorama can I go to view

...

Resolved! Proxy-ID Error message for GlobalProtect Client

We have configured a GlobalProtect Gateway to service clients using both the GP Agent and X-Auth parameters with 3rd Party Clients.

We have been receiving the following error messages:

'IKE phase-2 negotiation failed when processing proxy ID. cannot f

...

Suspicious login attempt found on PA.

Hi All,

I have a situation where someone tried to access Palo Alto and failed to login as the authentication was not granted. Any idea where i can go and see what was the source IP and location etc. A bit of forensics.

Any suggestions most welcome.

Im

...

Can I make PA3020 stop advertising default route in OSPF if its internet connection is down?

Hi all,

This my first post on here.

I was trying to see if these devices have monitor/tracking features e.g. keep testing the internet connection to see if it is still up.

I want the PA to form a neighbor relationship with a cisco router and advertis

...

installing SFP modules on PA-5050

Hi I need to know the correct procedure for installing a 10 G SFP into a PA-5050.

Can I install while they are on and running? Do I need a reboot?

Do I have to power off and install and power on?

I’ve tried to if an answer in the documentation

Resolved! GlobalProtect behind NAT/PAT Cetificate Issue.

Hi,

I'm configuring my GlobalProtect VPN and Agent keep saying "CN name mismatch".

Here's my infrastructure :

The PA220 is behind the NAT of the ISP and all connexions on WAN_IP (that is the public IP) are translated to the address 192.168.7.1. As po

...

Resolved! Question on GlobalProtect access route

Hi All,

I've successfully set up globalprotect for my remote users according to this link https://live.paloaltonetworks.com/t5/Configuration-Articles/Basic-GlobalProtect-Configuration-with-User-logon/ta-p/136099

I have a new problem. I want some user

...

Device Config Import into Panorama removes all the objects

We have firewalls in HA and are multi-vsys. I am trying to to get them into Panorama, but as i import the config it removes almost all objects and Panorama device groups only shows shared objects. Any object that was local to to vsys does not show an

...

Resolved! How many classified website on PAN-DB?

Hi There,

I have a customer RFP requiring that URL filtering product must have more that 50 million clissified webiste on its database.

Does Palo Alto Networks URL Filtering solution (PAN-DB) have more than 50 Million classified webistes?

Thanks ver

...

Panorama Merge or migration

Hello,

I do have 2 Panorama running with 7.1.9. 1 running with M100 physical and another one is VM. Both are having different device group , templete and devices.

I am looking for way to migrate all devices from M100 to VM. Is there any easiest/ safe

...

Resolved! syslog alerting in PAN-OS

There is an option for syslog alerting by email in PAN-OS , but even if used only for threats , not traffic, results in way too many emails. I am collecting threat events through Logstash into time series database InfluxDB . My very small program is

...

Multiple LDAP servers in a single profile - behavior

Dear comm,

when I have several LDAP servers in a profile for user authentication. How is this list utilized? Is only the first entry used? Are authentication requests distributed over all configured servers? How does it work?

Kind regards,

Rene

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help