This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

PA440 Upgrade/Downgrade from 10.1.8 to 10.2.7-h3

Hi guys, I was trying to upgrade PA440 on my lab but it was failed. (10.1.8 -> 10.2.7-h3) The following message was output. == Operation Download Status Completed Result Failed Details Successfully downloaded Preloading into software manager Traceback (most recent call last): File "/usr/local/bin/swminternal", line 18, in <module> s...

configure ha in different locations

hi, I have 2 palo alto and I have them in different buildings and I want to set up an HA between them how can I do it without just pulling a direct cable I want it to go through the network infrastructure. Kind regards

Tunnel Interface IP Address Requirement

Hi everyone! I am a new learner for Palo Alto I want my Remote Network to reach my HQ Network via GP. I am kind of confused whether when I am going to use IP Address to my tunnel interfaces, either on IPSEC site to site or Globalprotect deployment. Some of the video guides uses IP while others don't. I know that IP Address on tunnel i...

renzanjo11_2-1725618463451.png
renzanjo11_3-1725618463783.jpeg
renzanjo11_4-1725618463785.jpeg
renzanjo11_5-1725618463782.jpeg

FW specific rules from the Panorama shared policy

Hi All, Using Panorama (10.1.x) with a number of managed FWswe have a shared pre policy, parent pre policy and child policies with pre rules configured within. goal - in event of a security incident on a branch location we want to have a pre-defined deny rule in the parent pre-policy in place that we can just enable and push down to a specific F...

PA_nts by L4 Transporter
  • 925 Views
  • 1 replies
  • 0 Likes

Replacing the FW serial number in Panorama with a new one

Hi, What is a reliable way to replace the FW serial number in Panorama? We had a problem uploading a new license because the FW serial number did not match. Palo Alto TAC solved the problem, but the serial numbers changed, which caused the FW to be disconnected from Panorama. What should be done to swap the serial numbers so that all rules...

root partition available space reducing

I have a VM-500 ,PANOS-10.2.8-h3.root available space is decreasing and is now only 3%. I usually run below commands which sometimes can get me 1 or 2%. I have aggressive cleaning at 90% enabled. Why is creeping to 97% even with aggressive cleaning enabled.I have rebooted the fw(have seen reclaims some space after reboot) but didnt help. > d...

App-ID 'hotmail' false positive?

Hello,after our recent newsletter distribution, we now see lots of blocked App-ID 'hotmail' in traffic directed to our web servers. Those are requests to HTML resources (images) just referred to from Hotmail website, most likely Hotmail users reading their mails via web frontend. Though it is indeed related to Hotmail, I doubt it should really b...

gstrehl by L1 Bithead
  • 8196 Views
  • 11 replies
  • 0 Likes

AOL Mail

Hello,Has anyone been experiencing any issues with using AOL Mail through a PAN device since last week? I'm assuming AOL changed the behavior of their webmail site and now sections of the portal are not available - such as the inbox. Errors also pop up saying "we have encountered difficulties". However, outside the PAN device, the portal loads...

MGoodnow by L4 Transporter
  • 265406 Views
  • 15 replies
  • 0 Likes

SYSLOG Issue after upgrade

Hi Team, I just upgraded my PaloAlto to 11.1.3. after upgrade we faced issue that syslog receied delay log. "debug log-receiver statistics" Logging statistics------------------------------ -----------Log incoming rate: 448/secLog written rate: 467/secCorrupted packets: 0Corrupted HTTP HDR packets: 0Corrupted HTTP HDR Insert packets: 0Co...

What encryption is my SSL connection using?

We're on 9.0.9 and want to turn on the feature allowing users to connect to GlobalProtect using SSL if there is a need. Is there anywhere in the Monitor tab you can look to find what encryption is used for a particular users connection? I read this where it says, "The gateway responds to the request and selects the encryption and authentication ...

What's the difference between custom URL filtering in security policy and in URL filtering Security Profile?

Hello, Guys, I have one question.First below is the packet flow from "Packet Flow.pdf" document. According to this document ...In the red square, before PA make session table, it checks packet's ip and port (like the legacy L4 firewall), and then after the session created, it check Content, APP-ID.So I made this rule(URL Block).According to pack...

JTR by Not applicable
  • 14907 Views
  • 9 replies
  • 0 Likes

FQDN security policy

Our internal servers connects to a server on internet . There are existing FQDN based security policies. The destination FQDN resolves into multiple ip addresses . I am seeing few allows and denies for that particular destination URL on paloalto traffic logs . Users facing intermittent issues . It seems like firewall is querying for that destina...

P.Gandla by L0 Member
  • 1994 Views
  • 1 replies
  • 0 Likes

Resolved! Cannot connect to management server

Dear All:I had meet this problem for three times ,and It comes again , I can ping the Management port with a low delay , but can not login through the httpsand can login from SSH, but without any cli , I can't typing . and always"Oct 30 12:21:13 Error: pan_read_full(comm_utils.c:97): srvr: fatal recv error. sock=3 err=Connection reset by peer (1...

j.guo by L1 Bithead
  • 37912 Views
  • 12 replies
  • 0 Likes

Resolved! Palo Alto Security Profiles Suggestions

I am seeing that we have different Palo Alto provided Security Profiles that we can map to the security policy. What would best strategy to test it first in lower environments before rolling onto prod ? We just want to make sure it should not create any problems to existing traffic. Right now, we are not using for each security policy. But w...

"Device > Server Profiles > HTTP" gives error: Connection to: https://b76093c3662d5b4f.hook.limacharlie.io:443 failed: Couldn't resolve host name

Hi Palo Alto guys, I want to send traffic using HTTPS to LimaCharlie. I want to start by saying that I managed to get it working using CURL with the following command: curl --location 'https://b76093c3662d5b4f.hook.limacharlie.io/d61f357d-7e3e-42d7-a445-8ff62a479a4c/dev-fw-pa440-http' \ --header 'lc-secret: test' \ --header 'content-type:...

curl.png
00http.png
01HTTP.png
03Payload format.png
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks