This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

In VSYS vsys1 from zone inside of type layer3 and to zone MPLS of type unknown are incompatible

Hi Guys I have created a new parant Device group that contains shared rules for sub device groups under it. The rulease are zone specific and this is where the problem comes in, I get the error below when commiting to specific device. Last Push State DetailsDetails:. In VSYS vsys1 from zone inside of type layer3 and to zone MPLS of type unknown...

Resolved! Minemeld missing new O365 web

Hi, We have installed PA with Minemeld. Everything is working fine but sometimes we can not access to any function in O365 online (for example "to create a new word cocument"), so we go to PA and we see that in URL logs that PA is blocking this web. So we go to minemeld and we dont see ths new web. So we have to add this web in "allow list" in...

Resolved! PAN-DB download failed. Please check your network connectivity, DNS settings, and NTP settings.

Hi,have a PA200 Updatet from 6.1.x to 7.0.1 and now i get ther error PAN-DB download failed. Please check your network connectivity, DNS settings, and NTP settings. This comes when i will reactivate the PAN-DB licenses because there i no downlaod "Cloud is not ready, There was no update from the cloud in the last 125 minutes. ". I found this hel...

Resolved! Query on URL filtering

Hello, We are using this Security Policy:Source->Inside, User->any, Destination->any, Application->any, Service/URL category->any, Action->allow.We are using Group Profile under Profile Setting with a URL Filtering Profile 'test-URL'.In this URL Filtering profile, we have blocked the categories: gambling, weapons, etc. and allo...

Farzana by L4 Transporter
  • 3669 Views
  • 2 replies
  • 0 Likes

QoS statistics Graphic monitoring Issue

Hello, Using PAN-OS 6.1.17. At first, Bandwidth graph was not showing in both Chrome and IE. The only change I made was adding all the classes into the QOS profile. The classes that were in use by QOS were already showing up in the other statistics tabs before I added them to the profile, so I assumed that they were only required to be added to ...

Farzana by L4 Transporter
  • 4054 Views
  • 4 replies
  • 0 Likes

When are we getting a GlobalProtect Client for Linux

Hey guys, I already know how to get my Linux clients (Ubuntu) to connect via xAuth, and it works great. However, I've been tasked with implementing MFA to the VPN infrastructure. Works fine for the Windows/Mac clients using the GlobalProtect Client. However, my Linux clients can't connect because they never receive a prompt to enter their token....

Resolved! Failover methods Manual vs Link Down (traffic loss)

There are few triggers that could cause a failover in HA cluster.I'm interested to understand the difference between manual (graceful) and a hard failover like Link Down. In a matter of network traffic loss, is there a difference between Link monitoring triggered failover and a manual failover? Meaning, would the manual failover will cause less...

Trustnet by L1 Bithead
  • 10893 Views
  • 10 replies
  • 1 Likes

Active | Active Dual WAN

Can someone tell me what the supported configurations are for an active | active dual wan configuration in regard to physical wiring. Can I have one ISP connected to one Palo and the other ISP on another Palo or do I need both connected to both, run through a switch with two external VLANs and a virtual IP on either ISP? Tom

Question about redundent paths with IPSEC Tunnels.

I have a HA-pair of 3050s in my corp office with an single existing IPSEC tunnel to a remote office on a 200. The remote office has very poor reliability on it's existing connection and the local ISP has provided them with a backup satcom link they can use when the prime connection goes down. the HA-pair sits behind a Single IP that's managed vi...

Resolved! GlobalProtect and AD group restriction

Hi,I'm setting up GlobalProtect, which works just fine. Now I want to restrict GlobalProtect access to only 1 AD group. I created a separate GP authentication profile with my ssl_vpn AD group in the allow list, but as soon as I commit that allow list, not a single user can log in to the GlobalProtect anymore.Is this the correct way to configur...

fcremer by Not applicable
  • 20224 Views
  • 9 replies
  • 0 Likes

GlobalProtect connects but cannot get IPv4 address

Hi, New to the forum here and my searches didn't reveal an answer. I am using GlobalProtect 3.0.0-74 (what the client gave me) and it connects just fine, but I am unable to see the machines I need to(ping requests time out). Running ipconfig shows I only have an IPv6 address. No IPv4, but the GlobalProtect Panel shows an Assigned Local IP. I add...

bhaxel by L1 Bithead
  • 6153 Views
  • 6 replies
  • 0 Likes

Panorama & NSX integration and implementation

is the Panorama mandatory to install the PaloAlto VM with NSX.i have 4 servers that NSX installed .and i need to buy PaloAlto with NSX,my qoustions as below :1-is it mandatory to buy Panorama for instalation ? i know it may be hard to mange each one of 3 hosts stadalone but is it possiable or not2-can i buy the PaloAlto for the 3 servers only a...

Comparitn two device configs to find missing and inconsistent entries.

we have a head office and disaster site PA3020. It's taken 2 months to get the DR firewall online, originaly it was a clone of the HO one so all settings were the same ( excepet ones that had to be unique) But now after that 2 months we have made a number of changes to the HO which were not reflected in DR. Is there an easy way to take the two c...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks