This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Discussions
Check out LIVEcommunity discussions to find answers, get support, and share knowledge related to Palo Alto Networks tools and products.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Discussions
Check out LIVEcommunity discussions to find answers, get support, and share knowledge related to Palo Alto Networks tools and products.

Browse the Community

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

24324 Posts

Custom Signatures

The Custom Signatures discussion is a resource for security professionals to discuss the creation process of custom signatures in their PAN-OS appliance.

175 Posts

VirusTotal

Have you encountered a false positive verdict for Palo Alto Networks (Known Signatures) on VirusTotal? Use this forum to submit a verdict change request. Change requests should include the File Hash, Link to VirusTotal report, current VirusTotal verdict, and description.

782 Posts

Network Security

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to all things Network Security.

5777 Posts

Cloud Delivered Security Services

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Palo Alto Networks’ Cloud Delivered Security Services.

648 Posts

Secure Access Service Edge

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Prisma Access and Prisma SD-WAN.

555 Posts

Cloud Native Application Protection

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Prisma Cloud and Cloud Identity Engine discussions.

471 Posts

Security Operations

Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.

3982 Posts

Activity in Discussions

Need help on this XSOAR Weird behavior on preprocessing scripts

Hi All! I developed a preprocessing script and it's working fine in our dev xsoar environment but not working in prod for some reason. By looking at the log in detail, i found some nuances that i can't explain.Both prod and dev run the same code and i am sure the data is there in prod as wellHere is the comparison. this is the log from prod: ...

Panorama 11.1 Recommended AWS Instance Size

Running Panorama that manages two firewalls in a small deployment, the current instance size is c5.4xlarge, which I believe is excessive for CPU and memory usage. Is it okay to use a different instance size, like m6i.2xlarge or smaller? I understand the documentation recommends 16 CPUs and 64GB RAM for 11.1 and later. https://docs.paloaltonetw...

Disconnect Internally but not remotely

We have some users who need to connect to part of our network that isn't routable which means GP cannot connect when they are plugged into it. In order for them to do their work, they need to be able to disconnect from GP. I am wondering if there is a setup where if the user is on the internal network and connected to an internal gateway, th...

PA1420 IKE packet disappear between receive (ingress) and firewall session state

Hi, we have an PA-1420 Active/Passive HA-Cluster. Behind that Cluster we also use a Cisco FirePower 1150 as our VPN-Gateway, so IKE traffic (udp-500 and udp-4500) is passing our PA-1420. Our PA-1420 has to ISP connections for failover, both are dedicated interfaces eth1/1 ISP1 (primary) and eth1/2 ISP2 (backup). Our VPN-Tunnels on the Cisco Fi...

LJenne by L0 Member
  • 242 Views
  • 0 replies
  • 0 Likes

Wildfire False Positive on Detection of .XLSX extension

Wildfire False Positive on Detection of .XLSX extensionfrom Feb 24th,2026. In our organization started receiving wildfire alerts as information severity for the office extensions files for example. .xlsx files. hash value : 6e81b1b3fc08fb5f481d8882caeeafdf89f1c054abc71d4645da25f6b1ac516bclean as per analysis and sandbox analysis also clean leg...

"Bugs" on Syslog Field Descriptions documentation PAN-OS 11.1+

I found a lot of "bugs": typos, missing fields, unstandarized naming, etc. in the Syslog Field Descriptions documentation PAN-OS 11.1+ All the inconsistencies are documented in https://github.com/enotspe/palos/blob/main/EDGE_CASES.md Hopefully Palo Alto team will correct it

enotspe by L0 Member
  • 330 Views
  • 0 replies
  • 0 Likes

PA 5540 Deployment

I recently purchased a 5540 pair and plan on deploying them in the next few months swapping out a 5250 pair. I'm curious if anyone has worked with the 5500s yet, or even PANOS 12.1? Any comments or feedback you might have based on what you've seen so far.

while do the factory reset of pa 5250 showing error: findfs: unable to resolve 'label=sysroot0

Hi , We have Palo alto 5250 we have forgotten the password so we are planning to do factor reset of the device but we have done factor reset to but while completing the percentage automatically it's reboot and went again maintenance mode when we click the factory reset again it's Looping again and again same maintenance mode if go disk image al...

Do Palo Alto VMs support GCP N4 gve driver?

Dear community! Do you know if Palo Alto VM series firewalls is compatible with Google Cloud N4 machine family?? With N4 family the dataplane interfaces type=gve are not recognized > debug show vm-series interfaces allInterface_name Base-OS_port Base-OS_MAC PCI-ID Drivermgt (interface-swap)...

Backup Peer HA1 IP Address ?

Just completed the PALO BPA and we have a recommendation for "No backup to the HA1 peer IP address is configured" We've tested failover and it works perfectly but my understanding is that this is incase the primary HA connection went down. I read different opinions that using the management interface IP for this fine? Has anyone done that? And i...

Walt by L1 Bithead
  • 103 Views
  • 1 replies
  • 0 Likes

Badbox malware

Hi, Our ISP keeps alerting us that we have a malware infection with something called android.badbox somewhere on our network but the source as they see it is our DNS server. They've provided the DNS query which they're seeing (for an A record) but we don't have the facility to log client queries on our DNS system. We've searched the paloalto thr...

Prisma Access Service Connection to Palo Alto FW in HA-AA

Hi, We were able to make the tunnels up under 1 Service Connection (with 2 tunnels, primary and secondary) in Prisma Access and 2 tunnels in Palo Alto FW with Active-Active HA setup. If both tunnels are up, loopback IP in FW1 is accessible from GP user. But when the primary went down and secondary tunnel is still up, GP user in unable to reach...

IBalaro by L1 Bithead
  • 175 Views
  • 1 replies
  • 0 Likes

Resolved! Pre-Populate Multipule Portal Addresses

I would like to know if there is a way to setup the .msi file to pre-populate the portal ip addresses for my users.I found this kb article on how to set it up (How to predefine Global Protect portal address using Microsoft ... - Knowledge Base - Palo Alto Networks), but I have multipule portals I need to add. This only has instructions for a si...

M.Maus by L1 Bithead
  • 422 Views
  • 2 replies
  • 0 Likes
Load more
Register or Sign-in
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks