This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4238 Views
  • 0 replies
  • 0 Likes

Resolved! Syslog miner indicator

Hi, i'm trying creating a indicator for SLW injections events , extract src_ip and insert into Down below the code attached to the syslogminer class stdlib.syslogMiner , unfortunaltely validate process reports errors with the only suggestions "Condition is invalid", could be either a formatting erro or a logical erro, hard to say. conditi...

Is it possible to monitor PBF rule status via SNMP?

Hi- Is there a way I can get our PA-220 to alert our SNMP monitoring system when a Policy Based Forwarding rule fails/activates? I've set up SNMP on the firewall, added a device entry in our PRTG monitoring system, and set PRTG to automatically detect the device. It has discovered about 40 sensors, but I can't see any that relates to PBF. We hav...

IPSEC Tunnel messages and failure

On Weelkend, one of our tunnels was down for about an hour. I was checking system logs and found these messages repeatedly for that tunnel, even after it is up. Anybody knows what this means and what to look for in logs to find the cause of tunnel failure. 'the packet retransmitted in a short time from x.x.x.x[500]''IKE phase-2 negotiation reque...

raji_toor by L4 Transporter
  • 10342 Views
  • 7 replies
  • 0 Likes

Resolved! Does the PA-200 support the latest code of 8.0.2 ?

Hello, need to know if the PA-200 supports the latest version of 8.0.2 i am on the fense on getting one but am concered it may not be handle the latest code , also if not which PAN is the next best thing recommended for home/small business that can handle the latest code .. thanks in advance

How to save the API Key and make proper use of the REST API calls

Not sure if this makes sense -- plan to use Palo Alto's REST APIs for automated script tasks and health checks. Is there a way to save the key into a variable string -- therefore you can make multiple API calls and reference to the output key? Want to automate some of the daily health checks (HA status, available free space logs, critical event ...

c.huang by L1 Bithead
  • 2593 Views
  • 2 replies
  • 0 Likes

Resolved! Wie starten mit PA220 und 8.0

Hallo, ich suche ein Start Tutorial in welchem einfach erklärt wird, wie man mit der PA220 startet. Also dieser Beginner Guide hab ich schon, IP vergeben etc. Aber nun welche Regeln sind Empfehlungen, wie blockiert man diverse URLs? Wie baut man einen VPN-Tunnel zwischen zwei PA220 auf, eine Fallback Leitung einrichten. Und noch vieles mehr. Ich...

High availability failover due to high dataplane usage

our internet went down a few weeks ago when our primary PA failover to a secondary PA. We found out, after doing some research and investigative work, that this was due to the amount of new session created, which cause the PA to use the slowpath and access more cpu resource. Once we failedover, we had internet access for about 5-10 minutes and t...

mmbengue by L0 Member
  • 4123 Views
  • 2 replies
  • 0 Likes

How do I fix this?

Trying to connect PA-500 to user id agent on domain member server and keep getting this from the agent ID app log. 10/02/17 18:33:09:959[ Info 1219]: New connection 10.100.20.20 : 33369.10/02/17 18:33:09:975[ Info 1292]: Device thread 1 with 10.100.20.20 : 33369 is started.10/02/17 18:33:09:975[Error 3352]: Failed to validate client certificate,...

selfsignedcert.PNG

Resolved! How can I get the available VSYS in PaloAlto Firewall?

Hi everyone,I'm develping an automatic software to get configure data from PaloAlto firewall. I need to know if a firewall is virtualized (I already know how to get this info) and, if the firewall has one/more than one vsys, I want to know these vsys's names. I just can get this info if I write: set system setting target-vsys ?, but I'm using Pe...

Resolved! How to find a IP range by DMZ?

I am trying to find a range by DMZ. For example in ASA we can show-show route | inc 10.10.10and it will show the DMZ where that route belong. Is there a way to find that in PAN OS 7.1?

sarif5 by L0 Member
  • 2925 Views
  • 1 replies
  • 0 Likes

How to count sessions at Palo Alto.

Hello all.I would like to know how to count sessions at Palo Alto.I do not understand that the number of sessions is different between the two devices.The two devices are Palo Alto and BIG-IP.It is counted as 140 thousand sessions at Palo Alto and 30 thousand sessions at BIG-IP.Thank you.

awawa100 by L2 Linker
  • 4504 Views
  • 2 replies
  • 0 Likes

Syslog multiple configurations

I am having no issues actually sending syslog data. The issue is sending to much over the network. I have two different applications that require syslog data from the firewalls. One application requires all the logs with all the content. The other application only requires a limited number of fields in the trafic log and all of the change lo...

vseward by L1 Bithead
  • 5832 Views
  • 4 replies
  • 0 Likes

packet-diag flow basic “matched rule index 0”

What does the rule with the index number 0 refer to in the packet-diag flow basic for the security as well as the NAT policy? The id manager does not show a security nor nat rule with an index 0 while the show session shows that the traffic was matching security policy “General-Internet” which is index 7 and NAT policy “Student-NAT-Out” which is...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks