This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

NAT very slow

PA-3020 Software Version 8.0.4
I have several policies U-Turn Nat and Destination Address Translation in the DMZ
Three times a day the acces to these Policies becomes very slow
If I send a ping to one of these servers the time is very large the 1000 to

...

Resolved! PA-VM-300 refuse to boot because master key expired.

Hi all,

 

today i found my PA-VM-300 in maintenance mode, refusing to boot.

 

Maitenance Entry Reason:

Cryptod failure. Caused by: Master key expired.


This firewall is a backup of our production firewall, in our Disaster Recovery Plan, in addition to VMwar

...

2017-08-16_171551.jpg

Virtual Panorama for Log viewing only

Hi all,

 

I hope someone already did something like that to answer my question 

 

We have a virtual Panorama on PAN-OS 8 with a local log collector. On this panorama we manage differdnt firewalls and also store the logs of these firewalls. This panorama

...

Remo by L7 Applicator
  • 1510 Views
  • 2 replies
  • 0 Likes

sync issues

My HA pair went into split brain so I rebooted the secondary and now they will not sync

jdprovine by L4 Transporter
  • 2731 Views
  • 7 replies
  • 0 Likes

site 2 site with Meraki NAT'd behind ISP router??

We have a remote site connected behind ISP router and Meraki receives 192.168.X.X IP from it, and all networks locally are connected further to Meraki. The main site has public IP directly on the firewall. Not sure how to make configuration work. 

raji_toor by L4 Transporter
  • 5517 Views
  • 7 replies
  • 0 Likes

Resolved! Issues with netflow.

We are having issues getting our information from our PaloAlto 5020's.  It looks like it is sending but we do not have any chartable information on either of our netflow servers.  We are using Solarwinds Netflow Traffic Analyzer as well as What's up

...

Best Solution for New Design

Dears,

first time for me write in PaloAlto forum I hope to find my answer here.

 

first, we have purchased PaloAlto 3020, and need the best design for the network securityز

 

My network content "1" switch L3 and "2" switches L2 

 

and we have VLANs  for use

...

MOsama by L1 Bithead
  • 1546 Views
  • 1 replies
  • 0 Likes

(DUP!) when pinging from the firewall

Hi guys,

 

Strange issue here which I'm hopeing to get resolved.  I was SSH'ed into the our PA VM-100 today and happened to run the command >ping host 8.8.8.8.  This resulted in 100% (DUP!) replies on the ICMP replies.  However, when I specify the sour

...

Resolved! Panorama configuration logs

When making changes to firewalls through panorama, there is a history of those changes made.  When you go to the dashboard there is a widget that shows the last handful of config changes, so I know they are there.  Where in panorama can I go to view

...

Resolved! Proxy-ID Error message for GlobalProtect Client

We have configured a GlobalProtect Gateway to service clients using both the GP Agent and X-Auth parameters with 3rd Party Clients.

 

We have been receiving the following error messages:

'IKE phase-2 negotiation failed when processing proxy ID. cannot f

...

Suspicious login attempt found on PA.

Hi All,

I have a situation where someone tried to access Palo Alto and failed to login as the authentication was not granted. Any idea where i can go and see what was the source IP and location etc. A bit of forensics.

 

Any suggestions most welcome.

 

Im

...

installing SFP modules on PA-5050

Hi I need to know the correct procedure for installing a 10 G SFP into a PA-5050. 

 

Can I install while they are on and running? Do I need a reboot?

Do I have to power off and install and power on?

 

I’ve tried to if an answer in the documentation

fribbl3 by L0 Member
  • 2757 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect behind NAT/PAT Cetificate Issue.

Hi,

 

I'm configuring my GlobalProtect VPN and Agent keep saying "CN name mismatch".

 

Here's my infrastructure : 

The PA220 is behind the NAT of the ISP and all connexions on WAN_IP (that is the public IP) are translated to the address 192.168.7.1. As po

...

Drawing1.png
Naelwan by L1 Bithead
  • 3773 Views
  • 3 replies
  • 0 Likes
  • 23713 Posts
  • 104 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks