This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Hands on Palo Alto practice

Hey Guys, I'm looking for a place I can practice using a PA firewall without actually purchasing one. Are there any rentals like INE's rack rentals for other technologies?

Willjdm by L0 Member
  • 3471 Views
  • 2 replies
  • 0 Likes

Resolved! push the commit on one member of the cluster only?

Hello,To test the link monitoring of the high-availability, i want to shut one interface on the active member.I set up the interface at down but i do not find how to do the commit on the active member only.Is there a solution to push the commit on one member of the cluster only?Thanks for your help.

pmartyn by L1 Bithead
  • 4269 Views
  • 5 replies
  • 0 Likes

U Turn NAT from External to Internal with FQDN Object

I know how to create a standard U-Turn NAT from outside to inside and that works fine as long as the INTERNAL object is an IP Netmask address. On the NAT Policy Rule the Original Packet is a static IP on my external facing range. The Translated Packet needs to point to a device that will have a dynamic IP. This is a mobile cart that can trave...

TNaami by L1 Bithead
  • 2865 Views
  • 1 replies
  • 0 Likes

GlobalProtect Certificate Profile not on Gateway and Portal

Is there any specific why someone would configured a certificate profille only on a GP Gateway and not on a GP Portal (or vice versa)? In tutorials or videos, I've always seen it configured on both, but on some networks I've seen people only configure on one of them

ce1028 by L4 Transporter
  • 2127 Views
  • 2 replies
  • 0 Likes

Resolved! Policy behaviour change

Hello, We know that policy behaviour changed from version PAN-OS 7.1 as per the link below. https://live.paloaltonetworks.com/t5/Configuration-Articles/PAN-OS-7-1-Policy-behavior-change-application-default/ta-p/75664 However, we upgraded from 8.0.0 or 8.0.2 to 8.0.4 and noticed that it was not enforced in 8.0.0/8.0.2. Was there still a bug/issue...

Farzana by L4 Transporter
  • 2477 Views
  • 2 replies
  • 0 Likes

Traffic for frontapp.com getting blocked

Hello, We need some assistance in allowing URL: https://frontapp.com through our FW. It is hitting the interzone-default policy and getting blocked. We made sure the category: computer-and-internet-info is allowed. Also, tried adding *.frontapp.com in the Allow list of URL filtering profile and added the application 'front' from the application ...

Policy.jpg
LogView.jpg
Deny-Traffic.jpg
Farzana by L4 Transporter
  • 2478 Views
  • 1 replies
  • 0 Likes

Raw log file extraction

Hi All , Can anyone tell how to extract old the log files from CLI , is there any dirctory to reach which contains log file please provide us the path .

Himarya by L1 Bithead
  • 6622 Views
  • 5 replies
  • 0 Likes

SNMP problem

Hi everyone I have a palo alto device with snmp configuration to send snmp packets when something happen (for example when an interface is down or up), the problem is when an interface is down the snmp server does not see snmp packets and if I make a packet capture I only see the next My palo alto device is 10.19.160.205 and the snmp server is...

snmp.png
SergioHV by L0 Member
  • 2418 Views
  • 1 replies
  • 0 Likes

How to deploy CA Palo Alto for non-join Domain!

Dear All, we have done to install PALO ALTO 3020 on our network, but I have a problem as follows.Now I have minimum 150 PCs not join the domain, and we need to deploy the CA for all of them by the automatid way!!! everyone from this PCs has a User Name on Active Directory Thanks

MOsama by L1 Bithead
  • 4887 Views
  • 7 replies
  • 0 Likes

Multi Rule Edit

Is there a tool out there to perform multiple rule edits? OR am I forced to do a "find & replace" method by copying CLI? In this case, I'm trying to enable log session at end for all rules.

nicford by L2 Linker
  • 2645 Views
  • 2 replies
  • 0 Likes

Resolved! failed to load: Internal memory error

Hi All, GP gateway was working fine and suddenly stopped working. Any changes to the certificate or tls profile give the following errors: 2017-07-30 09:56:06.456 +0100 Warning: pan_cfg_sysd_parse_response_msg(pan_cfg_sysd.c:859): got error response from cfgpush.s1.comm.cfg: Error: Certificate'GlobalProtect-GW' failed to load: Internal memory e...

Log-collector on 8.0 and panorama/FW's on 7.1 - Compatibility?

Anyone tested this or know if it is documented on the compatability or not with 8.0 on the log-collectors but everything else on 7.1.I know the rule of thumb that your manager (panorama) is to be your highest code version, however with the log-collector I could see this not applying.I plan on labing this but wanted to reach out to the community ...

AD trouble after installing content version 729

We had problems with AD after installing content version 729 this morning. Users were authenticated, but the logon process (group policy, drive mapping) was painfully slow. After we reverted to version 727 everything was OK again. The strange thing is that I see no traffic to our AD controllers being stopped by the firewall. Anybody else seen th...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks