This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4191 Views
  • 0 replies
  • 0 Likes

EDL MS Intune All URL misses an entry

Dear all We got a question assigned about the PaloAlto EDL for MS Intune, the EDL "MSIntune All URL" (accessible via https://saasedl.paloaltonetworks.com/feeds/msintune/all/url). By 30th of April 2026, Microsoft added the URL "lgmsapeswiss.blob.core.windows.net" to her list, which can be reviewed here: Network endpoints for Microsoft Intune - ...

How to get access to the knowledgebase articles (SSO Error)

Hello community, Has anybody experienced an issue with getting access to the knowledgebase articles recently? I am being redirected to a login page each time when try to open a link to the article provided by Google in search results. Once I successfully log in I get the same "Single Sign-On Error" with a text (https://knowledgebase.paloaltonetw...

dh by L0 Member
  • 340 Views
  • 3 replies
  • 1 Likes

Resolved! How to request review of residual High-Risk rating when category dispute has been resolved?

I am the volunteer webmaster for Berkshire Family History Society, a UK registered charity. I am seeking guidance on the correct process for requesting review of a Risk Level rating when the URL category dispute has already been resolved. The history is straightforward. On 11 May 2026 our domain berksfhs.org was classified by PAN-DB as Malware...

Resolved! PA-445 lost management access

Hey All, thank you for those who helped me out yesterday!I'm back with what i think is a doozy,I tried to change the firewall's login IP from 192.168.1.1 to 192.168.69.1. The problem was that the firewall already used 192.168.69.1 as its office network gateway, so we were trying to use the same IP for two different purposes. The firewall detecte...

Palo Alto Networks Training and Student Engagement Opportunities

Howdy Palo Alto Community!In addition to my employee role in the IT department, I volunteer as a staff advisor for the Islander Cyber Society (our campus cybersecurity club) at Texas A&M University–Corpus Christi.Previously, we participated in the Palo Alto Networks Cybersecurity Academy and explored offerings such as Cybersecurity Fundament...

jdean77 by L0 Member
  • 274 Views
  • 1 replies
  • 1 Likes

Does "pre-logon" user belongs to "known" user?

Dear Comm, I was googleing alot about this topic and but only found this: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXlCAK My specific question is, if a the User ID agent show the username "pre-logon" learned via "GP" - does this "user" counts to the "gruoup" of "known"-user which I can use in security policies? ...

Rboehme by L2 Linker
  • 5001 Views
  • 2 replies
  • 0 Likes

Resolved! HA Configuration Sync from PA-A to PA-B?

Hello everyone, Here is the scenario: PA-A has the full configuration and a Device Priority of 50. PA-B has no configuration and a Device Priority of 100. Both firewalls are configured in Active-Passive mode and belong to the same Group ID. Under High Availability → General → Setup, for the option “Enable Config Sync”, which firewall should ha...

Best Practice Assessment /SCM

I used to run BPA in Strata Cloud Manager, but now when I log in I can’t find the On-Demand BPA option. How can I run a Best Practice Assessment on a Palo Alto firewall?

Route & Path Selection

I have a Cisco backround & I am currently studying Virtual Routers & Static Routes in the PA 8.0 admin guide. I am trying to understand how Metrics are used in the firewall because it sounds like Administrative Distance does the same thing. Can someone tell me if my theory is right when it comes to Palo Alto forwarding packets to an in...

XFF IP Address Logging clarification and impact

I would like to view XFF IP Address in the Logs. I went through a few articles and have a few clarifications: https://docs.paloaltonetworks.com/network-security/security-policy/administration/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging https://docs.paloaltonetworks.com/network-securit...

ET_0-1778692034141.png
ET by L3 Networker
  • 275 Views
  • 2 replies
  • 0 Likes

Ruckus vsz Syslog and User-ID Agent

Hello community, this topic has been on my mind as well. I already searched the forums, but unfortunately I couldn’t quite make sense of it. Which setting do I need to configure on a VSZ 7.1.1.0.872 for the syslog server? Take a look at the image, please! Or rather: will I then see these entries in the syslog that ends up on the Palo Use...

2026-05-11_08-41-10.jpg

Design active passive connected with vrrp switches

Design active passive connected with vrrp switches for physical connection and AE i want to connect full mesh topology but want to confirm it's working like stack switches. PA1 > (2 links sw1,sw2) PA2 > (2 links sw1,sw2) so for aggregation to i can assign port to the AE. thanks.

Configuring XFF logging without a URL Filtering License

1. Create a Custom URL Category with * under ‘sites’ (Objects >> Custom Objects >> URL Category >> Add) 2. Create a URL Filtering Profile & set your Custom Category action to “alert” (Objects >> Security Profiles >> URL Filtering >> Add) Tick the box to log XFF on the ‘URL Filtering Settings’ tab… ...

1.png
2.png
3.png
4.png
  • 24349 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks