General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1533 Views
  • 0 replies
  • 0 Likes

Resolved! Error in EBL Refresh job

Hi guys!

 

I have two PA-5060 in HA and in this moment my secondary is active. In secondary I've seen the following messages:

EBL(dyn-block-list-ip-sadc) EBLRefresh job failed. No valid IPs found in list
EBL(dyn-block-list-ip-sadc) Unable to fetch extern

...

Resolved! TAXII output deduplication problem

Hello!

Could you tell me why taxii output doesn't do data deduplication?

Is it normal behaviour or bag?

This problem is very important for us because we have huge amount of IOCs (about 450K).

TAXII output just multiply this list.

Additionally after t

...

KVasiliy by L2 Linker
  • 12438 Views
  • 11 replies
  • 0 Likes

Resolved! Single vWire to Multi vSys

Hello,

 

I wonder if someone can help - I currently have a firewall deployed in a vWire configuration, however the requirements for the site are changing and we now need to utilise the Multi-vSys feature.

I've had a look but can't see any information th

...

lscott01 by L0 Member
  • 3957 Views
  • 2 replies
  • 0 Likes

Resolved! Troubleshooting Slowness with Traffic, Management

Hi,

 

I am reconfiguring my PA-100 VM, as i am changing the network design, but after i changed the interfaces IP, Router configuraattion, NAT policy, and security policy. I cannot get to internet and in monitroing end reason is "aged-out"

 

From CLI i c

...

GWASSEF by L1 Bithead
  • 7832 Views
  • 6 replies
  • 0 Likes

Resolved! How to create an internal type NAT?

Hello folks,

 

Not sure if my question is worded just right, but here goes. 

 

We have a partner company that has a Juniper NAT type of device plugged into our PA 3020 that does a NAT to a server in there environment, which we communicate with fine usin

...

PANAT.jpg
OMatlock by L4 Transporter
  • 3922 Views
  • 6 replies
  • 0 Likes

Hands on Palo Alto practice

Hey Guys,

 

I'm looking for a place I can practice using a PA firewall without actually purchasing one. Are there any rentals like INE's rack rentals for other technologies?

Willjdm by L0 Member
  • 3185 Views
  • 2 replies
  • 0 Likes

Resolved! push the commit on one member of the cluster only?

Hello,

To test the link monitoring of the high-availability, i want to shut one interface on the active member.
I set up the interface at down but i do not find how to do the commit on the active member only.
Is there a solution to push the commit on on

...

pmartyn by L1 Bithead
  • 3779 Views
  • 5 replies
  • 0 Likes

U Turn NAT from External to Internal with FQDN Object

I know how to create a standard U-Turn NAT from outside to inside and that works fine as long as the INTERNAL object is an IP Netmask address.  On the NAT Policy Rule the Original Packet is a static IP on my external facing range.  The Translated Pac

...

TNaami by L1 Bithead
  • 2603 Views
  • 1 replies
  • 0 Likes

GlobalProtect Certificate Profile not on Gateway and Portal

Is there any specific why someone would configured a certificate profille only on a GP Gateway and not on a GP Portal  (or vice versa)?

 

In tutorials or videos, I've always seen it configured on both, but on some networks I've seen people only configu

...

ce1028 by L4 Transporter
  • 1895 Views
  • 2 replies
  • 0 Likes

Resolved! Policy behaviour change

Hello,

 

We know that policy behaviour changed from version PAN-OS 7.1 as per the link below.

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/PAN-OS-7-1-Policy-behavior-change-application-default/ta-p/75664

 

However, we upgraded from 8.0.0 o

...

Farzana by L4 Transporter
  • 2213 Views
  • 2 replies
  • 0 Likes

Traffic for frontapp.com getting blocked

Hello,

 

We need some assistance in allowing URL: https://frontapp.com through our FW. It is hitting the interzone-default policy and getting blocked. We made sure the category: computer-and-internet-info is allowed. Also, tried adding *.frontapp.com i

...

Policy.jpg
LogView.jpg
Deny-Traffic.jpg
Farzana by L4 Transporter
  • 2227 Views
  • 1 replies
  • 0 Likes

Raw log file extraction

Hi All , 

 

Can anyone tell how to extract  old the log files from CLI , is there any dirctory to reach which contains log file please provide us the path . 

Himarya by L1 Bithead
  • 5880 Views
  • 5 replies
  • 0 Likes
  • 24204 Posts
  • 117 Subscriptions
Top Liked Authors
Labels