This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4162 Views
  • 0 replies
  • 0 Likes

ACC Dashboard

So I know that within in ACC dashboard there is a Risk Score Displayed. There is also Rule list that that shows risky app assosciated rule name . My question is does Panorama give you overall risk score for the rule itself? For example what if I have a mix of Risky apps for Risk 3, 4 ,5. Will it give me a avg risk score for the actual r...

PA-5220 AUX ports SFP+ module attributes

Hi I found thishttps://live.paloaltonetworks.com/t5/Management-Articles/How-to-check-the-media-type-on-the-interface-of-a-Palo-Alto/ta-p/71362 which gave me thisshow system state filter sys.s1.p*.phy But this I don't think shows me aux1 or aux2. Any one know how to show the SFP module info for aux1 and aux2

Aged-out issue

Hi, I have configured PA on Azure but it is unable to ping to PA.It always shows that "aged-out" as error message.Once I ping to proxy-server on Azure, the log is shown on PA but it is aged out and could not get the response.I did set up Static route and everything. I have set up as below.PC->Azure(PA)-Azure(Proxy server)-Intenet Can anybody ...

Resolved! IKEv2 Site to Site VPN to Cisco ASA5540

Hi folks, Are there any Cisco ASA specialists out there?We have a problem with a site to site vpn connection between paloalto and an ASA 5540. Actually the problem seems to be on the ASA side. The proxy id's on the PA are configured like this:Remote (ASA): 0.0.0.0/0Local: 1 private /24 subnet As described in the title, we use IKEv2. Now everythi...

Remo by L7 Applicator
  • 7509 Views
  • 6 replies
  • 1 Likes

Resolved! Two Site to Site VPNs with the same external subnet.

I have a Site to Site VPN to a customer and they are using 192.168.5.0/24. I have a new customer using the same subnet. I have configured this on a Cisco ASA using PAT. I am fairly new to Palo Alto firewalls and do not know how to configure this. I am using a PA-3020 running 8.0.2.

Resolved! session per second

hello everyone , is anyone knows that how to view the number of new sessions per second on paloalto ? my pan-os version is 7.1.8 .

Kumasan by L1 Bithead
  • 10589 Views
  • 2 replies
  • 0 Likes

How to connect to vpn from commandline on MACOS Sierra

I work at a company where we use various version of MAS OS X and connect to client VPNs that use various verison of Global Protect. The problem is that we find many conflicts between versions of GP and the host OS and there cannot be two version of GP installed at the same time.Users providing support to clients often have connectivity issues be...

moe.py by L0 Member
  • 8278 Views
  • 1 replies
  • 0 Likes

Resolved! Getting to internal servers

Hello all, I have a Guest/BYOD Wireless Zone that can get out to the internet just fine. The internet & internal network can get to my webservers just fine. The problem im having is that my Wireless zone can not get an internallyu hosted website from the public IP of my webserver. I do not want any kind of connection or link of the wireless...

Panorama Logs Delay ~1 hour

Our Panorama is showing logs (threat,url, etc...) about an hour after they occur on the firewalls. Is this normal behavior? I'd like to be able to see the logs in near real time as they occur, otherwise the Panorama logs don't have much use if we have to wait for an hour for them to appear. Any help would be appreciated.

ECPP by L0 Member
  • 5960 Views
  • 2 replies
  • 0 Likes

PA-3060 Dataplane

Hi Fellow Palo-Alto-ers, Hoping this amazing community can help me shed some light on something! I have a PA-3060 running PAN-OS 8.0.2. I am wondering what would be considered high dataplane CPU utilisation for this particular platform i.e. at what percentage should I start to see traffic drops! I read 80%+ is concerning according to Palo KB art...

Resolved! Minemeld behind corporate proxy?

Hi, There doesn't seem to be anything official on how to set up Minemeld to use corporate proxies. When trying to contact external URLs from within minemeld, it does not respect the proxy settings in either /etc/profile or /etc/default. It tries to access the Internet directly, and fails miserably, of course. How do I make Minemeld hit the p...

SaaS Report Platform Support

Hello Guys i would like know regarding for SaaS report attachment support platform?because i can't find out about the new platform(PA220 or PA820/850) support note. the description as belowOn PA-200 and PA-500 firewalls, the SaaS Application Usage report is not sent as a PDF attachment in the email. Instead, the email includes a link you use to ...

WSTW_SE by L1 Bithead
  • 3045 Views
  • 2 replies
  • 0 Likes

Resolved! How to change RDP's default port

As you know, the RDP's default port is 3389, but someone always try to connect via this default port, this result the domain accounts are locked frequently. so I would like to chang its default port,such as 33089, then others don't know the port, so they can't use this port to try remote desktop access, the question is How I config in Palo Alt...

Disable session timeout for Orcale application

How to disable session timeout for an application completely? In my case its Oracle that i want to disable timeout for.Its breaking the database connection for our application. And what would setting tcp timeout value of zero for an app would do?

raji_toor by L4 Transporter
  • 4407 Views
  • 2 replies
  • 0 Likes

Resolved! Missing ip-netmask, ip-range or fqdn attribute

Just wondering if anyone else has seen this issue. I have a 5.0.2 Panorama managing multiple 5.0.2 firewalls, and a few 4.1.x firewalls.Suddenly and for no obvious reason, I am getting the following error when trying to commit post/pre rules to ALL device groups:Details:. VSYS1. Error: Missing ip-netmask, ip-range or fqdn attribute. (Module: dev...

kociantw by Not applicable
  • 7587 Views
  • 4 replies
  • 0 Likes
  • 24339 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks