General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! BGP/BFD

I am running BFD with BGP in a cluster(active/passive) and I am unclear on how to set up a failover of the firewall to the passive peer if BFD fails in order to bring up the BGP peer on other node. Any assitance would be appreciated.

r24481 by L1 Bithead
  • 3130 Views
  • 1 replies
  • 0 Likes

No metrics showing up in a syslog analyser node

Hi, I followed this post the other day and have been forwarding logs from my firewall for 2 days now, but without any hits, so I am wondering if I have done something wrong? I can see in a tcpdump dump on the minemeld server, that logs are received on port 13514/TCP. Also, the logs that are sent to minemeld are dropped traffic from an EDL, so ...

borising by L4 Transporter
  • 20536 Views
  • 16 replies
  • 1 Likes

Resolved! MineMeld export custom prototypes

Hey all, Can anybody tell me how we can export (and import) custom created prototypes (for backup purposes). The config does not include these, so if we need to rebuild the MineMeld instance we have an issue. Kind regards

mr.linus by L4 Transporter
  • 6307 Views
  • 2 replies
  • 0 Likes

Reason: User is not in allowlist

User 'steven.williams.da' failed authentication. Reason: User is not in allowlist From: ltdlqq6h2.domain.lan short name: domain\paloaltoadminssource type: ldapsource: Network_Administrators[1 ] domain\steven.williams.da Authentication profile contains the user group paloaltoadmins using the LDAP server profile. Created user in local admin and ad...

Resolved! Autofocus for MSP environments

Hi Guys If an MSP wants to use Autofocus for its customers and wants each one to have its own independent dashboard, is there a way to do it. Or would they just need to buy an AF license per customer

nrobison by L1 Bithead
  • 3552 Views
  • 1 replies
  • 0 Likes

Panorama Commit Fail With Error: Duplicate Service group

Hi all, I'm trying to Transition an existing Firewall to Panorama Management and I'm following this guide - https://www.paloaltonetworks.com/documentation/80/panorama/panorama_adminguide/manage-firewalls/transition-a-firewall-to-panorama-management/migrate-a-firewall-to-panorama-management#id75642aaa-965c-4f2d-bc1c-8160a8a1543e when I perform st...

Custom traffic-to-destination report

I am having some trouble creating a custom report that to me seems like it should be a simple and typical report. I have a block of 10 destination addresses added into an address group and I need a montly report generated that just shows the total amount of traffic heading out to that address group. I have recently taken over the administration ...

twu-wb by L0 Member
  • 2452 Views
  • 2 replies
  • 0 Likes

Remove IP Address from Subinterface with CLI

I'm trying to remove an IP address from a subinterface using the CLI. Command I'm using is: 'delete network interface ethernet 1/8 layer3 units ethernet1/8.3624 ip x.x.x.x/29'When I run this command, I get a message saying:'No object to delete in delete handler' I am able to remove all other configuration from the subinterface.

Resolved! create ftp &NAT

Dear all I have ftp server and two user use this ftp from different network i want to create NAT ftp server IP is 192.168.30.30user 1 192.168.40.1user 2 192.168.50.1 user can send and recieve from ftp server

Comparision with other vendors

I would like to know is there any document of battle between Palo Alto Networks NGFW and other vendors (Cisco,check point,fortinet).I cant find the the latest info about it.It can be very usuful when talking with customers.And also i would like to get info about best practice POC.is there any technical documentation about it?thanks in advance

Radmin_85 by L4 Transporter
  • 3904 Views
  • 1 replies
  • 0 Likes

Device Disconnected from Panorama

I added the Device yesterday to Panorama and everything was fine. Logs were shipping to Panorama from device as expected and at about 9:50 PM, I see a stop in the logs so I assume the device became disconnected at that point. From the device I can ping the Panorama so connectivity is there. No changes were made last night. What else can I check?

Resolved! How to migrate GlobalProtect from LDAP authentication to LDAP + Cert authentication

Hi,I am currently investigating the possibily to add an extra layer of protection on our GlobalProtect Clients.Currently LDAP authentication is used but I want to add an extra layer on top of this by using a certificate handed out to each user.As we do not have that many clients I figured I might as well have the PaloAlto Firewall hand these ou...

Resolved! Failed to sync PAN-DB to peer: Peer user failure

Hi, I have 2 PA500 (7.1.5 PAN-OS) In Active-Passive HA and since I upgrace from brighcloud to PAN-DB I have lots of mails complaining about "Failed to sync PAN-DB to peer: Peer user failure." I see that not all atemts to update de passive device fail, but 3-4 a day fail for some reason. Since the update is successfully in most of the atempt it's...

ARM by L1 Bithead
  • 5868 Views
  • 4 replies
  • 0 Likes

Adding new virtual disk for logging - doesnt added

hello.we have virtual applaince.and we want to increase disk size for our virtual appliance for logging i did everything as described here https://www.paloaltonetworks.com/documentation/70/virtualization/virtualization/set-up-a-vm-series-firewall-on-an-esxi-server/add-additional-disk-space-to-the-vm-series-firewall but when i turn on the Virtial...

Screenshot_1.png
Radmin_85 by L4 Transporter
  • 2177 Views
  • 1 replies
  • 0 Likes
  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels