This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4475 Views
  • 0 replies
  • 0 Likes

Resolved! HA Configuration question?

Hi folks, As I prepare for my first HA configuration next weekend, have at least one question today. I understand from reading that the configuration will copy over to the second passive firewall over the HA1 link.Does that include everything? Certificates as well? Thanks

OMatlock by L4 Transporter
  • 2177 Views
  • 1 replies
  • 0 Likes

Resolved! Destination NAT vs Source NAT with Bi-directional?

Hi folks, I am reading several articles about NAT types and bi-directional.I have a test going, but confused about how my web server is translating its source address when replying. I thought that I would have to create a bi-directional NAT rule to get the web server to change its IP back to public (after the D-NAT), but that's not the case. It...

visio.jpg
NATRules.jpg
Securityrules.jpg
web.jpg
OMatlock by L4 Transporter
  • 16488 Views
  • 8 replies
  • 0 Likes

Palo Alto Updates not passing through another PA firewall

Network setup: PA3020 E1/2-->E1/1 PA500 E1/2-->Internet. In PA3020, we have configured the service route to paloaltoupdates through e1/2. Then traffic will reach pa500 e1/1 which will be routed to internet via e1/2. PAT configured on e1/2 which will be going to internet.I'm sure route, NAT,security policies are proper. In PA3020, connectio...

Resolved! PA-3020 - Internet Connection over Cisco Switch

Hey guys, at the moment, there is a direct connection between my Palo Alto Firewall and the Internet Router. Ethernet 1/20 on the PA is my external interface - it's one of the fiber interfaces. I want to change this connection from "direct" to "over switch". My question is: Which SFP module do I need in the cisco switch? I mean, the PA interface...

MPI-AE by L4 Transporter
  • 4702 Views
  • 3 replies
  • 0 Likes

Google drive not getting blocked

Dear Team,As per logs, I am getting drive.google.com is blocked.But actually, I can still able to access it. Please advise regarding this issue to get fixed. Give us the proper permanent fix for this issue.I can block mentioning the specific URL “drive.google.com” but every time we can not block new URLs like this.

qqq.png

Block web browsing but allowing other apps.

I need to block webbrowsing but allow other apps which has web dependency.Trust to untrust - all allowed. But when I deny webbrowsing from trust to untrust other apps like skype stops working.Requirement is only web-proxy ip is allowed webbrowsing from trust to untrust.How do we overcome this issue.

2 Factor Auth Issue

Hello, We are having issue with GlobalProtect VPN client when using 2 Factor Authorisation to authenticate. Instead of being presented with a second login prompt to enter the code from the keyfob, Palo Alto is rejecting logins unless the keyfob code is appended to the user’s password on the initial login prompt. How can we change this to the des...

Farzana by L4 Transporter
  • 6348 Views
  • 8 replies
  • 0 Likes

PBF SMTP for both ISP1/ISP2

I'm wondering if anyone has a similar setup and got it working. I'd like to have both SMTP services enabled on two ISPs for load-balancing and redundancy. I tried using PBF but couldn't get it working. It seems SMTP for ISP1 works fine but SMTP for ISP2 comes into the firewall but the application is incomplete. Which tells me the 3 way handshake...

x by L1 Bithead
  • 2649 Views
  • 1 replies
  • 0 Likes

Over 110% untilization

I am seeing my management plane spiking over 100% when do a preview and a commit, what could be causing that ? Also can a defrag be run or need to be run on the hard drive?

jdprovine by L4 Transporter
  • 10114 Views
  • 27 replies
  • 0 Likes

VM based PAN FW

Hi,I have not been able to list the interfaces on VM based PANOS 7.1.0 after the VM PAN FW boots successfully. interfaces have been set to vmxnet3 type on VM settings. I have configured 3 interfaces (1mgmt and 2 data). assiged the static mac-address. show interface management -->list the ip address 192.168.1.1show interface all -> doenst ...

Minmeld on Unbuntu

Hi, We run a hyper-v shop so I am looking to set this up on Unbuntu. Just a few questions before I set off on the install: Can we install with the most recent version of Unbuntu? Is there a reason I need to run it on 14.x? I didn't resource requirements on the Unbuntu install page - what I do I need for CPU, RAM and disk space? Any other r...

Minemeld engine stopped - error starting engine

I would like to create ipv4 output based on the aws ec2 and route 53 miners. I cloned miners, aggregator and output from prototypes. When I hit commit nothing happens. I can see the processes stopped under System. If I hit restart for the engine, I get Internal Server Error. I already tried by rebooting the server and tried the same. I have atta...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks