This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

205 access points blocking one ssid

We are current ly running 4 ssids on our network. One of which is for our food service. We have 3 accesspoints providing coverage over the commons during lunch, we would like to disable one ssid created for student use while leaving the others open on the access point closest to the POS units. Is this possible or is it an all or nothing deal?

the easiest way to get the peak number of active sessions on firewall?

i'm wondering to aquire the easiest way to get the peak of number of active sessions on firewall? some ways i figured out are1) check SNMP active session OID every minute and spot a chart.2) fire up SSH "showing session info" every minute by a python snippet.3) seems like to built a customized report by couting traffic log4) chrome has a plug...

DannyDai by L1 Bithead
  • 2630 Views
  • 1 replies
  • 0 Likes

IPsec Site-to-Site VPN trouble (decap bytes 0)

Hi all.I am trying to set up an IPsec s2s tunnel with non-Palo Alto peers. So far I have tried 3 different peers (Strongswan 5.3.2, Cisco router, Cisco SOHO router) and every time I have problems seeing incoming decrypted traffic to the PA."Local site" being the PA one, here's the info I have so far:- IPsec tunnel is up- "show session all filter...

AMS-IX by L1 Bithead
  • 26269 Views
  • 11 replies
  • 1 Likes

Resolved! native vpn client

Has anybody been able to successfully setup the native windows vpn client for Windows 8 and 10 to connect through a palo alto firewall

jdprovine by L4 Transporter
  • 9264 Views
  • 6 replies
  • 0 Likes

ADFS SAML Configuration

Hi all I need help to configure ADFS SAML with global-protect.i have successfully imported the metadata.xml from adfs into palo.But now i can't export the metadata from paloalto. Whats the correct identifiers and endpoints urls for global-contect clientless? I have no idea, what i must configure in adfs. Can anyone help?I use panos 8.0 regards...

Screen Shot 2017-02-25 at 03.50.54.png

Security Policies Not Applied When Client Use Web Proxy on Their Browser

Dear all, I am currently learning the Palo Alto Firewall using Palo Alto VM. I've configured some security policies, for example, file blocking that forbide client to upload a PDF file (including to those website which use SSL). All of the policies are working as expected. Then, I try to set the client web browser to use a web proxy (Squid) loca...

hibagus by L2 Linker
  • 8280 Views
  • 10 replies
  • 0 Likes

Understanding Panorama Backup and Recovery Procedure

Hypothetical Scenario... Through catastrophic failure I have lost my Panorama which also contained device configs. In order to re-build it from scratch which config file should be saved and exported, and then imported?, I note there are few option around 'snapshot' and 'config-bundle'. But to me the documentation is not entirely unamgibuous, tha...

nawaza by L2 Linker
  • 4110 Views
  • 1 replies
  • 0 Likes

Resolved! Query on TS Agent

Hello, We are planing implement TS Sever. Kindly advise if Windows Firewall needs to be disabled on Server for TS Agent implementation. Please provide the reason for the same whether yes/no. Thanks in advance.

Farzana by L4 Transporter
  • 2129 Views
  • 1 replies
  • 0 Likes

Logs export and viewing

Hi,I have a requirement to be able to maintain logs (all url,threat etc) for a period of atleast 6 months, this should be independant of the disk space. I have founf out that from the command line you can export the logbd using scp and back it up, bu the only downside is, correct me if i am wrong, the exported logdb can only be viewed in the Pal...

Resolved! Changing Time Zone

What are the implications of changing the time setting / time zone of a palo alto firewall in an HA setup?Are active sessions affected?

Miner for firehol

This one is fairly straight forward. Based on an ipv4 miner: attributes: confidence: 50 direction: inbound share_level: green type: IPv4ignore_regex: ^#source_name: firehol.blocklist_net_uaurl: https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/blocklist_net_ua.ipsetuser_agent: MineMeld There are a ton of lists just under his ...

chirss by L3 Networker
  • 5350 Views
  • 2 replies
  • 1 Likes

GlobalProtect Client Version Report

When deploying the GlobalProtect client upgrades, is it possible to run a report to see what GP Client version everyone has installed? This will allow us to see how well an upgrade is going to remote computers, and if any computer may not be communicating properly to the portal?

How to create a p2p tunnel from Palo Alto with static ip to Palo Alto with dhcp (with public ip)

Dear all, I am looking for a way to get a site2site tunnel working between a Palo Alto with static public ip and a Palo Alto with a "dynamic" endpoint (public ip through dhcp)The tunnel shows as status green in the GUI and also on CLI it shows up, but no traffic is passing. I found a how to through the Palo Alto pages, and I am using the User FQ...

Configuration of Logs PA220 - log database exceeds alarm

Hi, I just can't get a handle on logging. Currently the PA220 reports with PanOS 8.0.5 "Current size (357 MB) of threat log database exceeds alarm threashold value (90%) of total allowed size (368MB"). I have already tried to change the quota % values under Device -> Management -> Logging and Reporting Settings. But how do I get the PA to ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks