This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Problem w/ user ID

Hi Gurus, I'm trying to implement user id agentless.The LDAP & User Identification are created correctly. Below is the output:J-C.Valiere.da@PA_Ecore_Master> show user group listcn=vpn ecore employee,ou=roles,ou=global,ou=organization,dc=corp,dc=ecore,dc=comcn=vpn ecore consultant,ou=roles,ou=global,ou=organization,dc=corp,dc=ecore,dc=com...

Resolved! Customizing response page

First time doing this and I'm fairly familiar with HTML and CSS however I'm not sure how to target SubcategoriesIs there a way to target Subcategories when using a custom response page? The online documentation only mentions <category/> also do you upload the file as a .txt or .html file? this is what I have in the script part<div id="c...

Resolved! Asymetric Bandwidth On IPSEC VPNs and MPLS Tunnels

We are having unidirectional problems with our site to site circuits bandwidth. I am not sure if this is a PAN problem or a problem with the providers. It’s interesting that IPERF shows slowness to the remote site on MPLS but on IPSEC the slowness is to the main site (10.10.1). Traceroutes show the traffic is symmetrical on all tests.All connect...

traffic_examples_2017-12-12_14-43-38.jpg
BrianRa by L3 Networker
  • 7914 Views
  • 7 replies
  • 0 Likes

Resolved! ECMP Weighted Round Roubin

Hi, I have a case where we have to PA FWs and there is 3 connections between them,1- Two Microwave Links (Up to 100mbps)2- One DSP Link (Up to 10mbps) There is a total of 3 IPSec Tunnels and i'm using weighted round robin, however, i don't know how to calculate the weights and what numbers i should put in the ECMP to reflect the real speeds of t...

Resolved! What to do when IPSec VPN proxy IDs are the same?

Hi folks, We have several IPSec VPN connections and luckily so far all with unique Proxy IDs.I am trying to prepare when I create a new one and has the same Proxy ID as another.I see this article and talks about creating a NAT both ways.https://live.paloaltonetworks.com/t5/Featured-Articles/DotW-Help-with-IPSec-Proxy-IDs-with-overlapping-IPs/ta-...

OMatlock by L4 Transporter
  • 7267 Views
  • 5 replies
  • 0 Likes

User-ID

When enabling user-id where does it check against to get the information to identify the users? I have it turned on for serveral zones and it only seems to work on the VPN user-id's.

jdprovine by L4 Transporter
  • 15228 Views
  • 42 replies
  • 0 Likes

PAN DB URL Filtering - HA

Has anyone in an active/passive HA cluster experienced all urls logs being catergorized as 'not-resolved' after failing over to the passive box? We have had this happen multiple times now, to fix the issue we have re-download the seed database under Device -> Licenses Running 8.0.6 currently, this had also been happening on 8.0.3. I don't be...

clewis1 by L3 Networker
  • 2459 Views
  • 2 replies
  • 0 Likes

Decryption problem

We have such a problem with Microsoft Exchange OWA which we have recently published through Palo Alto.We have installed certificates with private keys,created necessary rules for PBF and NAT.Everything is working fine except decryption.We can see in monitoring tab errors like decrypt-error or decrypt-unsupport-paramwe have tried to connect from...

CC.png
Radmin_85 by L4 Transporter
  • 5728 Views
  • 6 replies
  • 0 Likes

SSL Decryption Session Limit

Hello We are planning to implement the SSL Decryption in our Enviornment. We would like to know how the session limit is counted in the firewall. Also is there any session limit for the PAN OS 7.1.3 and if yes what is it. Also if we upgrade to version 8.0 Whether the session limitis increased. RegardsMahesh Damani

mdamani by L0 Member
  • 5043 Views
  • 1 replies
  • 0 Likes

Resolved! Global protect and virtual MAC address

HI. We run global protect for a reasonable number of remote users on our PA3050's without much in the way of issues. One thing which pops up, though, is that our Virus management server (McAfee) gets hugely confused about which machines are on which IP address. We've done a little digging, and it apepars to be related to te fact that all machine...

darren_g by L4 Transporter
  • 5489 Views
  • 2 replies
  • 0 Likes

Palo Alto MPLS failover

Please give me a best Solution I have one Palo alto firewall and Branch end Cyberoam I need to do MPLS VPN Failover between both device any suggetion it will work or notpalo alto MPLS supported or not ? Thanks regrardsHiroli Mohsin

Mohsin91 by L0 Member
  • 3008 Views
  • 1 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks