This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! looking for efficient way to clear specific security rule hit counts

I have Panorama managing 2 HA paired firewalls. The security rules are pushed to both HA pairs. I want to clear the hit counts for specific rules. If I login to the active firewall then I can run this command and it works fine. show rule-hit-count vsys vsys-name vsys1 rule-base security rules list [ "asdf1" "asdf2" "asdf3" ] And the clear ve...

PBF Monitor Target

Scenario is dual-ISP scenario using PBF to connect via primary ISP but switch to secondary if primary goes down. In a Policy Based Forwarding rule in the Monitor section of the Forwarding tab, there are 2 checkboxes: one for Monitoring itself, and the second one labelled "Disable this rule if nexthop/monitor ip is unreachable". Firstly, what is ...

Resolved! uniqe id for policies

Good Morning, we are using a pa-1420 and manage it via the web-browser. We sort and group the policies with tags. The rules have a name and an order. Both are changeable. Is there also a unique ID that can be used to permanently identify rules? I didn't find a column like "unique ID" regards Andre

Get EDL Entries on Panorama

Hi gurus, May I know if I can get ip/url/domain EDL entries on Panorama? As I can only see predefined-ip amd predefined-url types on my Pamorama instance, I am not sure if it relates to my Pamorama license. When I try to get entries of my custom EDL, the API returns below error: <response status="error" code="17"> <msg> ...

jyao_0-1727285892307.png
jyao_1-1727285892389.png
jyao by L1 Bithead
  • 952 Views
  • 1 replies
  • 0 Likes

Getting the error "Unable to fetch external dynamic list. Couldn't resolve host name. Using old copy for refresh.

We have PA 5250 which has configured with multiple EDL. Suddenly all the EDLs are failing that throws the "Unable to fetch external dynamic list. Couldn't resolve host name. Using old copy for refresh." As a workaround we rebooted the firewall and it resolved the issue. Looking for the experts advise to resolve this issue permanently.

Trouble setting up Proxy ID's for a S2S with a Checkpoint peer and continuous rekeys

Hello, I'm quite new to PA and not much firewall experience. We are having trouble with a S2S VPN with a partner who has a Checkpoint FW. The clients are on our side, the server is on their side. What I see in our logs are constant rekeys for the IKEV2 tunnel every 2-3 seconds: ipsec-key-expireikev2-send-p2-deleteipsec-key-deleteikev2-nego-chi...

PID.jpg

arp Flooding

Cisco router is getting flooding from Palo Alto firewall Source NAT is basic getting scan from outside random countries We deal with users in other countries and blocking by countries will not work. the ranges from outside to our public ip address It looks like a scanning because it's rang of our public ip address what can we do to stop it or pr...

How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL.

Our BI team has snowflake setup in the azure, they have whitelisted on-prem public ip addresses and Global protect public ip addresses to allow the snowflake access. We have a split tunnel GP VPN so tried with including domain and port number of the snowflake in the global protect config. which is having a DNS resolution issue? is any one have...

tthapa23_0-1726688400290.png
tthapa23 by L2 Linker
  • 2668 Views
  • 1 replies
  • 0 Likes

Resolved! EDL global find XML API

Hi dear all, When I use /api/?type=op&cmd=<request><system><external-list><global-find><string></string></global-find></external-list></system></request> to search EDL with entry string, I can only search with IP list, for example, <request><system><external-list>&...

jyao by L1 Bithead
  • 2786 Views
  • 4 replies
  • 0 Likes

Fuel Spark Event Discussion: AI in the Age of Cybersecurity (September 26, 2024)

Fuel User Group is hosting a virtual Spark User Summit on September 26: AI in the Age of Cybersecurity. This special event, from 9:30 until 11:30 a.m. PT on Thursday, September 26, is dedicated to AI. Join us for an insightful update from Rob Rachwald, Director of Product Marketing at Palo Alto Networks! We’re thrilled to welcome Rob back as...

September-2024_Spark-User-Summit_palo-alto-networks.jpg
emgarcia by Community Team Member
  • 1326 Views
  • 0 replies
  • 0 Likes

Resolved! Where is the documentation that describes Syslog Log types formats for Palo Alto Firewalls?

On my Ubuntu Server I receive syslogs, that may look like this: <14>Sep 23 20:01:11 PA-440 1,2024/09/23 20:01:11,021201133296,TRAFFIC,end,2561,2024/09/23 20:01:11,10.10.10.103,20.190.177.21,192.168.10.20,22.120.127.11,rule1,,,ssl,vsys1,trust,untrust,ethernet1/2,ethernet1/1,LFP LimaCharlie FW,2024/09/23 20:01:11,121977,1,60637,443,39335,4...

How can I send Palo Alto Firewall Syslog as JSON format to a Syslog Server?

I have purcased a PA-440 Palo Alto Firewall. I want to send Syslog from it to a Ubuntu Server with JSON format. I am sending Syslog from the firewall to a Ubuntu Server using "Device > Server Profiles > Syslog": The syslogs that I receive looks like this, and is CSV(?) - not JSON: <14>Sep 23 20:01:11 PA-440 1,2024/09/23 20:01:11,0212...

02_syslog_server_profile_traffic.png

PAN-OS

Name a version of PAN-OS that does not have a vulnerability. Ya that would be great

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks