This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Invalid TACACS Logins from Outside

Just setup TACACS authentication using Cisco ISE as our TACACS server.  We can successfully login with our AD accounts, but when I look in the TACACS logs on ISE, I see a ton of "INVALID" attempts from external IPs.  Is the normal/expected?  Is there

...

Resolved! Log message

Hello there,

 I had received several log message " XDR service cyserver was stopped on Desktopxxx" although this devices have running cortex agent. What are the scenarios that this log message are generated and what are the cases that the cortex agent

...

Migrate Massives URL Category

Good Morning.

I would like to know if there is a way to migrate whitelists created locally from URL Category to Panorama and that these do not affect the policies already created.

Category URLs are many and I would like it to be fast and efficient.

Gree

...

Resolved! No valid GlobalProtect Subscription License warning

Dear Team,
 
I am receiving the below warning while committing,
 
Warning: Collect HIP Data in vsys (vsys1), GlobalProtect Portal (GP) -> Agent -> config (GP_A91) -> HIP Data Collection will not take effect due to no valid GlobalProtect Subscription Lice
...

VishnuPS by L3 Networker
  • 6329 Views
  • 2 replies
  • 0 Likes

Resolved! maximum number of bgp routes

hi,

is there a maximum number of bgp route entries supported for the 5000 series ? does it support a full ipv4 routing table ? i cannot find any docs or data sheets with this kind of limits detailed...

thanks

Error updating managed firewalls

When initiating a software update from Panorama to managed firewalls I get the error

“Failed binding local connection end”

So I followed the ms.log file and noticed this in the log

“2021-02-11 16:12:02.762 +0000 Deployment download using service route:

...

PA-220 HA - License Required?

I intend to purchase two new PA-220s in my company and want to set them up in a high available configuration in case one dies. Is there a license that's required? Sorry.. very new to PA and just trying to learn.

Jack45 by L1 Bithead
  • 3185 Views
  • 3 replies
  • 0 Likes

Alert for static route failure.

I have a PA 3220 with two static routes, the two routes have different AD, Path monitoring has been configured in first static route with premtion enabled, my query is that can we generate email alert for the primary route down and secondary route do

...

A very weird issue

I have LinuxA (redhat 6.10) and LinuxB (CentOS 7.9) sitting in ZoneA accessing LinuxC (Ubuntu 20.x) sitting in ZoneB on http port without any NAT, jut routing and we have firewall rule to allow tcp port 80 (application ANY) for LinuxA and LinuB to co

...

dtran by L4 Transporter
  • 2006 Views
  • 2 replies
  • 0 Likes

Resolved! zone protecton reconnaissance not capturing obvious threat

Hello,

 

We are in the initial stages of setting up zone protection renaissance, and still playing with threshold and event values (currently set to 30sec, 5event).  I am also set to block the IP, for a small amount time, as we continue to adjust and b

...

Sherm_0-1631902886853.png
Sherm_1-1631903470957.png
Sherm by L1 Bithead
  • 3515 Views
  • 5 replies
  • 0 Likes

Found a bug?

Earlier I posted and asked if there were any technical considerations for renaming a DG.  I decided to rename two of them and validate on Panorama to see if it through any errors, it didn't, but I reverted anyway because I hadn't put in a change noti

...

Internet Traffic

Hi Community,

 

This is my first message and hope I am in the right place. I am tasked with taking our single internet connection (4Gbps) and carve in two lanes.  One lane will service normal traffic; internet, vpn, remote access, telephony, etc. The s

...

Resolved! S2S VPN between PA-3020 and Cisco ASA 5525

Hi All,

 

1st Post so hopefully i'm doing this correctly.

 

I am trying to setup a VPN tunnel to a 3rd Party. We have a PA-3020 and they have a Cisco ASA. They do have another Cisco in-between both our devices which is performing NAT. Hence we have enabl

...

  • 24217 Posts
  • 99 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks