This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

Report issue - incorrect data

Hi All, i have a problem: when my customer generates reports there are problem with data, i see that the usage in one week is less than the sum of two random days in the same week.example:Week report: 450.5 G bytesDay X: 588.3 G bytesDay Y: 262.0 G bytes Has anyone some hints? Regards,Daniele

DKanta by L2 Linker
  • 2291 Views
  • 2 replies
  • 0 Likes

Recommended MTU for GlobalProtect Gateway

Hello, We’re experiencing slowness from global connect clients located offsite back to firewall (i.e. 5MBps). Without the VPN client, the user can get up to 60MBps. What is the recommended MTU settings for GlobalProtect Gateway/interface should be set at? Our Ethernet interface(1/3) MTU where gateway terminates in DMZ is set at 1350 and the tunn...

Farzana by L4 Transporter
  • 10142 Views
  • 5 replies
  • 0 Likes

Resolved! URL log forwarding to syslog servers, but not all informational threat logs.

we need to forward url filtering logs from PaloAlto to syslog server ( similarly from Panorama to syslog server.)To do this we need to to forward the Threat "Informational" logs ( generally url filtering logs are part of threat "informational logs ). But we do not want to forward all "informational" threat logs to syslog servers as it will add l...

URL Filtering from Internet Traffic to Internal Websites

Been doing some searching but havn't come up with anybody doing this and if it has other problems / security ramifications I'm not aware of. My problem:We have an employee that is no longer working at our business but there personal computer at home is configured to our internal mail server. I can see the spam of authentication attempts from the...

Resolved! HA Configuration question?

Hi folks, As I prepare for my first HA configuration next weekend, have at least one question today. I understand from reading that the configuration will copy over to the second passive firewall over the HA1 link.Does that include everything? Certificates as well? Thanks

OMatlock by L4 Transporter
  • 2120 Views
  • 1 replies
  • 0 Likes

Resolved! Destination NAT vs Source NAT with Bi-directional?

Hi folks, I am reading several articles about NAT types and bi-directional.I have a test going, but confused about how my web server is translating its source address when replying. I thought that I would have to create a bi-directional NAT rule to get the web server to change its IP back to public (after the D-NAT), but that's not the case. It...

visio.jpg
NATRules.jpg
Securityrules.jpg
web.jpg
OMatlock by L4 Transporter
  • 15690 Views
  • 8 replies
  • 0 Likes

Palo Alto Updates not passing through another PA firewall

Network setup: PA3020 E1/2-->E1/1 PA500 E1/2-->Internet. In PA3020, we have configured the service route to paloaltoupdates through e1/2. Then traffic will reach pa500 e1/1 which will be routed to internet via e1/2. PAT configured on e1/2 which will be going to internet.I'm sure route, NAT,security policies are proper. In PA3020, connectio...

Resolved! PA-3020 - Internet Connection over Cisco Switch

Hey guys, at the moment, there is a direct connection between my Palo Alto Firewall and the Internet Router. Ethernet 1/20 on the PA is my external interface - it's one of the fiber interfaces. I want to change this connection from "direct" to "over switch". My question is: Which SFP module do I need in the cisco switch? I mean, the PA interface...

MPI-AE by L4 Transporter
  • 4619 Views
  • 3 replies
  • 0 Likes

Google drive not getting blocked

Dear Team,As per logs, I am getting drive.google.com is blocked.But actually, I can still able to access it. Please advise regarding this issue to get fixed. Give us the proper permanent fix for this issue.I can block mentioning the specific URL “drive.google.com” but every time we can not block new URLs like this.

qqq.png

Block web browsing but allowing other apps.

I need to block webbrowsing but allow other apps which has web dependency.Trust to untrust - all allowed. But when I deny webbrowsing from trust to untrust other apps like skype stops working.Requirement is only web-proxy ip is allowed webbrowsing from trust to untrust.How do we overcome this issue.

2 Factor Auth Issue

Hello, We are having issue with GlobalProtect VPN client when using 2 Factor Authorisation to authenticate. Instead of being presented with a second login prompt to enter the code from the keyfob, Palo Alto is rejecting logins unless the keyfob code is appended to the user’s password on the initial login prompt. How can we change this to the des...

Farzana by L4 Transporter
  • 6187 Views
  • 8 replies
  • 0 Likes

PBF SMTP for both ISP1/ISP2

I'm wondering if anyone has a similar setup and got it working. I'd like to have both SMTP services enabled on two ISPs for load-balancing and redundancy. I tried using PBF but couldn't get it working. It seems SMTP for ISP1 works fine but SMTP for ISP2 comes into the firewall but the application is incomplete. Which tells me the 3 way handshake...

x by L1 Bithead
  • 2594 Views
  • 1 replies
  • 0 Likes

Over 110% untilization

I am seeing my management plane spiking over 100% when do a preview and a commit, what could be causing that ? Also can a defrag be run or need to be run on the hard drive?

jdprovine by L4 Transporter
  • 9714 Views
  • 27 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks