This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

Device Disconnected from Panorama

I added the Device yesterday to Panorama and everything was fine. Logs were shipping to Panorama from device as expected and at about 9:50 PM, I see a stop in the logs so I assume the device became disconnected at that point. From the device I can ping the Panorama so connectivity is there. No changes were made last night. What else can I check?

Resolved! How to migrate GlobalProtect from LDAP authentication to LDAP + Cert authentication

Hi,I am currently investigating the possibily to add an extra layer of protection on our GlobalProtect Clients.Currently LDAP authentication is used but I want to add an extra layer on top of this by using a certificate handed out to each user.As we do not have that many clients I figured I might as well have the PaloAlto Firewall hand these ou...

Resolved! Failed to sync PAN-DB to peer: Peer user failure

Hi, I have 2 PA500 (7.1.5 PAN-OS) In Active-Passive HA and since I upgrace from brighcloud to PAN-DB I have lots of mails complaining about "Failed to sync PAN-DB to peer: Peer user failure." I see that not all atemts to update de passive device fail, but 3-4 a day fail for some reason. Since the update is successfully in most of the atempt it's...

ARM by L1 Bithead
  • 5747 Views
  • 4 replies
  • 0 Likes

Adding new virtual disk for logging - doesnt added

hello.we have virtual applaince.and we want to increase disk size for our virtual appliance for logging i did everything as described here https://www.paloaltonetworks.com/documentation/70/virtualization/virtualization/set-up-a-vm-series-firewall-on-an-esxi-server/add-additional-disk-space-to-the-vm-series-firewall but when i turn on the Virtial...

Screenshot_1.png
Radmin_85 by L4 Transporter
  • 2138 Views
  • 1 replies
  • 0 Likes

Resolved! URL in a rule

Can you create a security rule that allows access from a specific IP address/laptop to a specific URL address? No we do not have the licensing for URL filtering

jdprovine by L4 Transporter
  • 5476 Views
  • 12 replies
  • 0 Likes

Multiple PA-500 with PanOS 8.0.4, some SYSTEM ALERT: high : User Group count exceeds threshold of 1k

Hi all, The company have many PA-500 in HA configuration across the globe, configured by the U.S. team. After upgrade to PanOS 8.0.4, 2 of them are sending alerts like "SYSTEM ALERT : high : User Group count of 16## exceededs threshold of 1000", each of different country and small difference in user group count. I checked the "Group Mapping Sett...

PK-GHL by L0 Member
  • 4581 Views
  • 1 replies
  • 0 Likes

Can't access Minemeld feeds from PAN OS 7.1.11

Hello -- I did a manual install of Minemeld on Ubuntu 14.04. That is working in the default setup. The miners are working and there is data in the inboundfeedhc feed. Nothing in the LC or MC feeds. When I try to add the url of the inboundfeedhc as a External Dynamic List in our 3020 w/ v7.1.11 PANOS, it always says: I found an article about tur...

url_access_error.png
sonet by L2 Linker
  • 5746 Views
  • 4 replies
  • 0 Likes

Resolved! Assign Secondary Public IP address

Hi I got a new internet connection through router, the firewall-router connection use private subnet, but I got a public subnet from provider which I will route to the firewall private IP.Since I will configure SSL-VPN, then I have to assign the external firewall interface public IP address so users can access for SSL-VPN setup. Now can I config...

myasin by L2 Linker
  • 10233 Views
  • 4 replies
  • 0 Likes

How to change syslog timestamp format

Hi,We are using syslog forwarding to SIEM system from our PA. Logs were in this format: 1,2017/09/06 23:59:59,007100001147,TRAFFIC,end,0,2017/09/06 23:59:59,X.X.X.X,Y.Y.Y.Y,0.0.0.0,0.0.0.0,Firewall To NTP,test\paloalto,,dns,vsys1,Inside,Inside,ethernet1/1,ethernet1/1,Q-Radar,2017/09/06 23:59:59,79361,1,42407,53,0,0,0x4064,udp,allow,409,176,233,4...

Resolved! Blocking MAC OSX on Palo Alto

Hi All,I have a scenario where i would like to block users on the basis of os they are using. Example, if someone is using OSX, they should be blocked. Any suggestions if that can be achieved. Kind regards Imran Brighton UK

Setting up a L2TP/IPsec VPN

Hi All, Im trying to setup a L2TP/IPsec VPN behind our PA FW, using RRAS.I have allowed application ipsec and i can see that port 500 and 4500 are being allowed when i attempt to connect.I have also set up NAT rules for ports 500,4500,1701 from untrust zone to untrust zone destination translation internal RRAS server. when I try to connect to th...

How to Troubleshoot LDAP Authentication in PanOS 5

I keep going through the steps for LDAP auth for admin access and keep getting this generic invalid username and password. I can browse the group mapping tree so I know the communication is there, I have verified my security group is in the allow list, and still just this generic invalid message. The test authenticaion commands from the 7 guide ...

Resolved! Suppress discovery notifications in Windows10

Hi, I'm an IT for a enterprise company and one of my users are tired of getting discovery notifications from the Palo Alto client. Basic windows blocking don't work and I found this site from Palo Alto that is 404. https://www.paloaltonetworks.com/documentation/71/globalprotect/globalprotect-admin-guide/set-up-the-globalprotect-infrastructure/cu...

p4lm4r by L0 Member
  • 2021 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks