This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Most secure way to validate laptop, desktop and mobile devices?

I'm new to networking in general and looking for the most secure way to ensure those joining our network actually belong on the network. We have a moderate hierarchy of users with a fairly even mix of desktops, laptops and mobile devices. What I'm looking to achieve:- Only specific devices are able to connect to network (whitelist specific, deny...

Newbie - Unable to Access Web GUI

A very good day to everyone, I hope everyone is doing Great, I am a Newbie and have just done the following - 1) Imported PA-VM-ESX-8.0.0.ova File into VMWare Workstation2) Started VM3) Logged into VM4) Set IP of Firewall with these commands configure set deviceconfig system ip-address 192.168.1.1 netmask 255.255.255.0 default-gateway 192.168.1...

Application Default Risk Factor---Exportable?

Hello all!I recently finished a migration in which everything went perfect. However, I'm now trying to find out how to export the Default Risk Factor of the applications so that I can compare to the build on the original firewalls as the risk factors had been customized. Is there a CLI command or some other way to export the risk factor config?

Roshawn by L2 Linker
  • 2371 Views
  • 2 replies
  • 0 Likes

configuration report

has anyone tried to set up a custome report that shows/alert or lets you know when someone has made a change to the configuration? Or if you have your own home grown method that you use to audit configuration changes.

jdprovine by L4 Transporter
  • 8268 Views
  • 13 replies
  • 0 Likes

Resolved! MineMeld services not initialized after install

I've tried manually installing MineMeld and using the ansible template but the services do not seem to be initialized. Is there a step missing in order to get this completed? Same issue with Ubuntu 14 and 16.

csopel1 by L1 Bithead
  • 6344 Views
  • 4 replies
  • 0 Likes

Resolved! Changing SSL Certificate on the MineMeld Docker container

Team, Does anyone have some guidance on changing out the SSL certificates on the MineMeld Docker container? Should we modify the dockerfile to include a COPY command? Is there a way to just shunt it in via mapping an additional VOLUME during the "docker run"? Thanks again for an awesome tool! Regards, Nasir

nbilal by L3 Networker
  • 9612 Views
  • 2 replies
  • 0 Likes

PAN 3020 OS Upgrade

I have PAN-3020 Running on version 7.1.4-H2, Can you please assist me which version should I upgrade ?Have anyone tried 7.1.14 or 8.0.6. which one is more stable version ?

Mragheb by L1 Bithead
  • 2003 Views
  • 1 replies
  • 0 Likes

Download slow passing through PA

Hi All! i have this problem: when customer downloads, it is very slow, with isp he bypassed the PA device and it was faster.I created a new rule without any security profile to verify if it was caused by them, but customer says it is the same (and it could be slower). QoS is not enabled. Do you have any suggestion about this problem? Some functi...

DKanta by L2 Linker
  • 3110 Views
  • 2 replies
  • 0 Likes

ipsec tunnels freezing in PANOS 8.x on active passive configuration , when failoveris needed

- We have been having issues with VPN tunnels freezing between PA's on different sites; since PANOS8.x when a failover is done in an active - passive configuration. Current workaround is to enable tunnel monitoring with failover action. This was not needed in PANOS 7.x, for these kind of situations. the failover works for all the rest of ongoi...

Resolved! User-ID Agent 8.0.2-20 - Auto Update not working

Hello!I am having an issue with Auto Update not working. I have the agnets installed on three seperate servers and have had to hand-jam the rest of the Domain Controller's in order to get them connected. I've only put in 1/3 of them but was wanting the Auto-Discover to do the rest of the work. I have the PA AD account installed on the Primary DC...

Roshawn by L2 Linker
  • 6391 Views
  • 11 replies
  • 0 Likes

BGP

hello i am new to palo alto i recently configured bgp on my palo alto pa 500 device and my bgp peer is getting connected and then after a minute it gets disconnected and the bgp state becomes active. also i am using md5 key for authentication. could you please help me with a possible solution or reason. thank you

Customize email alerts

Hi,I question is it possible to do customize the alarm email which I activate it in the log forward. Thanks a lot for your help.ThanksMartin

Auzi by Not applicable
  • 2794 Views
  • 2 replies
  • 0 Likes

Resolved! Best practise For TAP Mode

Hello Brothers, Plz i want make a POC with one of our clients, but i need to know what's th best practise for putting the PaloAlto in TAP mode !!i mean:1-what's the rule policy that i must create ?? must enable all security profile ?2-must make dycryption rule ?3-Wich elements i must focus on for the best practise and give the best report to the...

Resolved! Copy group of apps from one device to another - small CLI problem

Hello I'd like to copy one application group from Unit1 to Unit2.On Unit one:configure run set cli config-output-format set show application-group WiFi-appsIt gives me somethning like:set application-group WiFi-apps members [ adobe-update apple-push-notifications apple-update avast-av-update avg-update dropbox eset-update facebook facetime flash...

_slv_ by L4 Transporter
  • 2849 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect, XAuth client, issues with routing multiple subnets

I'm probably missing something simple, but I can't figure out what. I have GlobalProtect Portal setup on the datacentre (DC) firewall. I have GlobalProtect Gateway setup on the office firewall, with XAuth enabled. I can connect to the Gateway using the vpnc client on a Linux station and everything works. I get an IP, I can access things on the...

fjwcash by L4 Transporter
  • 6150 Views
  • 8 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks