This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1665 Views
  • 0 replies
  • 0 Likes

Resolved! VLANs for HA links

Hi all,

 

I am configuring two PA 3060 in A/A HA across datacenter. All the HA links from a PA in a DC will be connected to the core switch. Is it possible to put all HA links, i.e., HA1, HA2, HA3, HA1-backup, HA2-backup, in a single VLAN? Or does each

...

AlbertJJ by L1 Bithead
  • 4488 Views
  • 4 replies
  • 0 Likes

User-ID Hierarchy Design

So we have our device groups laid out like this, there’s more but you get the idea. Shared > Regional > Site.

The devices are members of the Site device group, and have a master device allowing me to push User-ID rules down through Panorama. If I want

...

problem with IP helpers after migration

We're migrating from a PA-2020 to PA-3020.

PANOS 6.1.12

 

Config migration went fine. And most functionality is ok on the new device.

However our IP helpers don't work anymore. We use them on tagged subinterfaces.

All subinterfaces on one interface connec

...

dieter_b by L4 Transporter
  • 5416 Views
  • 5 replies
  • 0 Likes

User-ID inconsistancies

Hello,

 

It's not the first time that I am facing this kind of issue :

 

Context : PaloAlto FW with (multiple) userID agents in a single (or multiple) Microsoft domain and user id based security policies.

 

The User ID feature seems at a glance to be worki

...

logs.JPG

Resolved! RDP NAT connection issue?

Hi folks,

 

For test purposes, I am trying to get RDP to work going through my PA-200 OS 6.1.4 to an internal PC.

I've been following several articles like this one, but not getting it to work.

https://live.paloaltonetworks.com/t5/General-Topics/MS-RDP-N

...

RDPNAT.jpg
RDPsecurity.jpg
OMatlock by L4 Transporter
  • 5658 Views
  • 7 replies
  • 1 Likes

Resolved! NTLM authentication fails

Hi all,

 

I'm facing an issue with captive portal and NTLM.  The SSO (NTLM) fails and the users must enter the credentials via the web-form. I've attached print screens from Wireshark and the output from the userid.log:

 

PAN-OS: 8.0.1

User-ID Agent: 8.0.

...

c1.jpg
c2.jpg

No Block Page when accessing Blocked Categories over HTTPS

Hi there,

I have recently noticed that when I test access to URLs of blocked categories over HTTPS, I do not get a 'Blocked Page' display from the Palo. It just says the Page Cannot be Displayed and show the connection was reset.

 

The URL filtering log

...

Bocsa by L3 Networker
  • 9693 Views
  • 6 replies
  • 0 Likes

Resolved! Where can I obtain rsyslog-minemeld?

Hi, I recently deployed an ansible built version of minemeld on Centos. However it does not appear to include rsyslog-minemeld? Is that still required to use the syslog analyzer node? If so, where can I obtain a rpm version of it?

calvinc by L0 Member
  • 3699 Views
  • 1 replies
  • 0 Likes

Question about vlans/Router on a stick.

I'm looking to configure a Palo as a router on a stick for a site to replace a decrepid Cisco 1811r router. The only printed information I can find is a 4.x document with pretty dissimilar UI images.

 

I've configured mutliple subinterfaces underneath

...

Panorama and Scan Type threats

Anyone know if Panorama is supposed to show Scan type threats in the Threats or Unified views under Monitoring?  I'm investigating why some of our Autodesk software on campus is having problems reaching the licensing server... Panorama didn't show an

...

jsalmans by L4 Transporter
  • 3423 Views
  • 4 replies
  • 0 Likes

User-ID mapping when host has 2 interfaces

We've run into a problem which I understand, I'm just not sure how to fix.  A user on her laptop logs into the domain while her laptop is docked, so UIA has her ip address mapping to the wired connection.  Later, she undocks and flips over to wireles

...

Resolved! H.323 cisco telepresence configuration

 Hi guys,

 

I am very new in PA administration and I am trying to set up voice communication between cisco telepresence sx-20 located with private IP address in my Internal network to some terminals outside the network. I am using IP address like calli

...

Untitled.png
Untitled1.png
maximn by L1 Bithead
  • 6238 Views
  • 7 replies
  • 1 Likes
  • 24215 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks