This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4223 Views
  • 0 replies
  • 0 Likes

Resolved! Failover methods Manual vs Link Down (traffic loss)

There are few triggers that could cause a failover in HA cluster.I'm interested to understand the difference between manual (graceful) and a hard failover like Link Down. In a matter of network traffic loss, is there a difference between Link monitoring triggered failover and a manual failover? Meaning, would the manual failover will cause less...

Trustnet by L1 Bithead
  • 11098 Views
  • 10 replies
  • 1 Likes

Active | Active Dual WAN

Can someone tell me what the supported configurations are for an active | active dual wan configuration in regard to physical wiring. Can I have one ISP connected to one Palo and the other ISP on another Palo or do I need both connected to both, run through a switch with two external VLANs and a virtual IP on either ISP? Tom

Question about redundent paths with IPSEC Tunnels.

I have a HA-pair of 3050s in my corp office with an single existing IPSEC tunnel to a remote office on a 200. The remote office has very poor reliability on it's existing connection and the local ISP has provided them with a backup satcom link they can use when the prime connection goes down. the HA-pair sits behind a Single IP that's managed vi...

Resolved! GlobalProtect and AD group restriction

Hi,I'm setting up GlobalProtect, which works just fine. Now I want to restrict GlobalProtect access to only 1 AD group. I created a separate GP authentication profile with my ssl_vpn AD group in the allow list, but as soon as I commit that allow list, not a single user can log in to the GlobalProtect anymore.Is this the correct way to configur...

fcremer by Not applicable
  • 20442 Views
  • 9 replies
  • 0 Likes

GlobalProtect connects but cannot get IPv4 address

Hi, New to the forum here and my searches didn't reveal an answer. I am using GlobalProtect 3.0.0-74 (what the client gave me) and it connects just fine, but I am unable to see the machines I need to(ping requests time out). Running ipconfig shows I only have an IPv6 address. No IPv4, but the GlobalProtect Panel shows an Assigned Local IP. I add...

bhaxel by L1 Bithead
  • 6269 Views
  • 6 replies
  • 0 Likes

Panorama & NSX integration and implementation

is the Panorama mandatory to install the PaloAlto VM with NSX.i have 4 servers that NSX installed .and i need to buy PaloAlto with NSX,my qoustions as below :1-is it mandatory to buy Panorama for instalation ? i know it may be hard to mange each one of 3 hosts stadalone but is it possiable or not2-can i buy the PaloAlto for the 3 servers only a...

Comparitn two device configs to find missing and inconsistent entries.

we have a head office and disaster site PA3020. It's taken 2 months to get the DR firewall online, originaly it was a clone of the HO one so all settings were the same ( excepet ones that had to be unique) But now after that 2 months we have made a number of changes to the HO which were not reflected in DR. Is there an easy way to take the two c...

Resolved! Query on User-ID Agent

Hello, The issue we are currently facing is we have reached the maximum amount of items 50 in the PA user id agent software and currently have it running on 2 servers and have 100 devices now again we need to install on a third server to allow for more items. Is there another solution? or new version that allows more then 50 items?We are using P...

Farzana by L4 Transporter
  • 2936 Views
  • 3 replies
  • 0 Likes

Resolved! updates.uswest2.gslb.paloaltonetworks.com

Hi Team, Has the update server changed for dynamic updates ? updates.paloaltonetworks.com showing generic communication errors. A ping to updates.paloaltonetworks.com resolves to the address in the title, when ye change it in the config [device>setup>services>update server] connects again fine.. admin@TAC-HomeLab> ping source 10.1...

updateError.GIF
original.GIF
newone.GIF

Antivirus reset-both action for mail protocols

Hi! We enable the blocking email viruses attachement by setting the antivirus profile with an action “reset-both” for SMTP. The virus attachement could be blockded, however the sender’s mail server keep retry until timeout and no undelivered mail message returned to sender. Please advice? Thank you!Device : PA3050, PANOS 7.08

BillKuo by L0 Member
  • 8512 Views
  • 6 replies
  • 0 Likes

Authentication policy

Hello,I'm in proccess of migration from TMG to Palo Alto. One of the rules on TMG whic is used to publish web site to the Internet have AD autehntication enabled. Because I can't change anything on web server and I have to enable some kind of authentication when users are connecting to this site, I was thinking to use PAN Authentication policy f...

Resolved! When to upgade from 7.1.14 to 8.0.6

Hi Everyone,I know this is more of a personal choice rather than a exact science , I am currently running 7.1.14 on a PA 3600 which is very stable for my organisation at the moment, however I do not want to fall to far behind firmware levels , so I am beginning to question when to move to the current F/W My question is , have alot of people up...

Stuck out of management

Hello guys, I have made a stupid mistake on a PA-820. I have changed the Permitted IP in the Interface Management Settings to a single IP (the Panorama server) and now I cannot access the device anymore. Any ideas? I cannot access even in SSH. The Pan-OS versionis 8.0.3 and is peered with another device (that I can access). Thanks

Shye80 by L1 Bithead
  • 3682 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks