This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

PBF Monitor Target

Scenario is dual-ISP scenario using PBF to connect via primary ISP but switch to secondary if primary goes down. In a Policy Based Forwarding rule in the Monitor section of the Forwarding tab, there are 2 checkboxes: one for Monitoring itself, and the second one labelled "Disable this rule if nexthop/monitor ip is unreachable". Firstly, what is ...

Resolved! uniqe id for policies

Good Morning, we are using a pa-1420 and manage it via the web-browser. We sort and group the policies with tags. The rules have a name and an order. Both are changeable. Is there also a unique ID that can be used to permanently identify rules? I didn't find a column like "unique ID" regards Andre

Get EDL Entries on Panorama

Hi gurus, May I know if I can get ip/url/domain EDL entries on Panorama? As I can only see predefined-ip amd predefined-url types on my Pamorama instance, I am not sure if it relates to my Pamorama license. When I try to get entries of my custom EDL, the API returns below error: <response status="error" code="17"> <msg> ...

jyao_0-1727285892307.png
jyao_1-1727285892389.png
jyao by L1 Bithead
  • 895 Views
  • 1 replies
  • 0 Likes

Getting the error "Unable to fetch external dynamic list. Couldn't resolve host name. Using old copy for refresh.

We have PA 5250 which has configured with multiple EDL. Suddenly all the EDLs are failing that throws the "Unable to fetch external dynamic list. Couldn't resolve host name. Using old copy for refresh." As a workaround we rebooted the firewall and it resolved the issue. Looking for the experts advise to resolve this issue permanently.

Trouble setting up Proxy ID's for a S2S with a Checkpoint peer and continuous rekeys

Hello, I'm quite new to PA and not much firewall experience. We are having trouble with a S2S VPN with a partner who has a Checkpoint FW. The clients are on our side, the server is on their side. What I see in our logs are constant rekeys for the IKEV2 tunnel every 2-3 seconds: ipsec-key-expireikev2-send-p2-deleteipsec-key-deleteikev2-nego-chi...

PID.jpg

arp Flooding

Cisco router is getting flooding from Palo Alto firewall Source NAT is basic getting scan from outside random countries We deal with users in other countries and blocking by countries will not work. the ranges from outside to our public ip address It looks like a scanning because it's rang of our public ip address what can we do to stop it or pr...

How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL.

Our BI team has snowflake setup in the azure, they have whitelisted on-prem public ip addresses and Global protect public ip addresses to allow the snowflake access. We have a split tunnel GP VPN so tried with including domain and port number of the snowflake in the global protect config. which is having a DNS resolution issue? is any one have...

tthapa23_0-1726688400290.png
tthapa23 by L2 Linker
  • 2396 Views
  • 1 replies
  • 0 Likes

Resolved! EDL global find XML API

Hi dear all, When I use /api/?type=op&cmd=<request><system><external-list><global-find><string></string></global-find></external-list></system></request> to search EDL with entry string, I can only search with IP list, for example, <request><system><external-list>&...

jyao by L1 Bithead
  • 2626 Views
  • 4 replies
  • 0 Likes

Fuel Spark Event Discussion: AI in the Age of Cybersecurity (September 26, 2024)

Fuel User Group is hosting a virtual Spark User Summit on September 26: AI in the Age of Cybersecurity. This special event, from 9:30 until 11:30 a.m. PT on Thursday, September 26, is dedicated to AI. Join us for an insightful update from Rob Rachwald, Director of Product Marketing at Palo Alto Networks! We’re thrilled to welcome Rob back as...

September-2024_Spark-User-Summit_palo-alto-networks.jpg
emgarcia by Community Team Member
  • 1255 Views
  • 0 replies
  • 0 Likes

Resolved! Where is the documentation that describes Syslog Log types formats for Palo Alto Firewalls?

On my Ubuntu Server I receive syslogs, that may look like this: <14>Sep 23 20:01:11 PA-440 1,2024/09/23 20:01:11,021201133296,TRAFFIC,end,2561,2024/09/23 20:01:11,10.10.10.103,20.190.177.21,192.168.10.20,22.120.127.11,rule1,,,ssl,vsys1,trust,untrust,ethernet1/2,ethernet1/1,LFP LimaCharlie FW,2024/09/23 20:01:11,121977,1,60637,443,39335,4...

How can I send Palo Alto Firewall Syslog as JSON format to a Syslog Server?

I have purcased a PA-440 Palo Alto Firewall. I want to send Syslog from it to a Ubuntu Server with JSON format. I am sending Syslog from the firewall to a Ubuntu Server using "Device > Server Profiles > Syslog": The syslogs that I receive looks like this, and is CSV(?) - not JSON: <14>Sep 23 20:01:11 PA-440 1,2024/09/23 20:01:11,0212...

02_syslog_server_profile_traffic.png

PAN-OS

Name a version of PAN-OS that does not have a vulnerability. Ya that would be great

App-ID confusion and blocking spotify

Hello, I'm trying to work on a request to totally block Spotify on our network for 1 host (could be more in the future) and I thought App-ID would be the best option for this but since it depends on SSL and web browsing it's dropping all traffic when I add those dependencies; which I figured it would. When I just have Spotify in the application...

cruz77 by L1 Bithead
  • 8145 Views
  • 5 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks