This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

VPN Status

hey alli have a 2 sites and we have between them 2 VPN tunnels (different ISPs) and on top of the VPN i am running OSPFfor some reason i see a lot of times that the IKE Gateway status is RED , but on the SSH i do see that i have an IKE-SA.what i notice is that after i run "test vpn ike-sa gateway Boston-HOT" on one PA the status goes to GREEN , ...

vpn status.png
minow by L4 Transporter
  • 2297 Views
  • 2 replies
  • 0 Likes

Problems Removing Commit Locks

Our Panorama is running PANOS v7.1.6 and is configured to "Automatically Acquire Commit Lock". We have several firewall system administrators. If anyone of us makes a change, a commit lock is automatically taken for the user who makes the change. Two questions: 1.) If I make a change, a commit lock appears for me. If another administrator makes ...

Proper SNMP v3 Configuration

Hello, One of our customer is having "Palo Alto Networks PA-500 Series Firewall".For SNMP v2 all ok, but customer wants to start using SNMP v3.Please, advice with setting proper SNMP v3 to monitor from Zabbix. I`m not familiar with Palo Alto devices. 😞

FSC_DS by L0 Member
  • 3996 Views
  • 2 replies
  • 0 Likes

Apply new evaluation license to exiting VM

I have a VM where evaluation license has expired .when try to download software complains not registered.We have new eval license. a team member has gone and register uuid and cpu id from the exisiting vm and has got new serial number. but the vm still saying not register. i have deleted all the old licenses.

What is an advantage of purchasing VM-200?

https://www.paloaltonetworks.com/content/pan/en_US/products/product-comparison.html?chosen=vm-200,vm-100 If I compare these two model, specification is same, but the price is different between both two. (VM-100 is cheaper)What is an advantage of VM-200?Please tell me answer within two scenarios. #1.If I want new virtual device (w/ PANOS 8.0), no...

emr_1 by L5 Sessionator
  • 2492 Views
  • 2 replies
  • 0 Likes

Resolved! Clientless Remote Access VPN

Hello,We've just purchased a PA-3020 in order to replace an old Checkpoint. We have a few site-to-site VPN, and some other VPNs using a Checkpoint client. I would like to get rid of the clients and use some king of clientless VPN, so I won't be bothered by the OS (which kind of Windows is supported by GlobalProtect client, do the partner have ad...

Resolved! Securing YUM

Currently there is a requirement for all our remote linux servers (Which have static IPs and numbers around 250) to have access to various public YUM servers. The public YUM servers (I am told) cannot be defined statically because they constantly change. Our Corporate Security Policy does not allow web-browsing from servers, such as our remote l...

Feature Request experience

Hello, How many of the community members have submitted feature request(s) and implemented ? How long did it take for the FR to get implemented ? Thanks for sharing,

panos_syslog IP indicator - withdraw

I am trying to create an IPv4 indicator list based on PAN-OS threat logs. Below is the rule code attached to the syslogminer class stdlib.syslogMiner. RULE: age_out: default: last_seen+30d interval: 1800 sudden_death: falseattributes: confidence: 50 type: IPv4conditions: - type == 'THREAT'config: share_level: green fields: nu...

MineMeld real-world usage to reduce threats?

So far I'm using MineMeld to pull Dshield and Spamhaus feeds to use to block inbound connections to our internet facing servers. Whilst there are loads of miners I'd love to know which ones people have found "safe" enough to use on production inbound and outbound traffic/rules and how much of an impact it's had - with 70 or so miners to choose...

Global Protect Windows 10

Hey experts!I have a new Windows 10 notebook and Global Protect Client 2.3.4-4 installed.However, the connect button is greyed out.I read on the Palo Alto site that the recommended minimum agent version is 3.0.3.So is the problem my 2.3.4 version? Doesn't it work with Windows 10?

MPI-AE by L4 Transporter
  • 5305 Views
  • 7 replies
  • 0 Likes

Create a miner to mine from Autofocus MineMeld

Hi, with the release of PANOS 8.0, Autofocus will have a minemeld build in. May I know if we can have a on premise minemeld to fetch the feeds from the Autofocus Minemeld? I tried to grab the minemeld feeds but it shows me unauthorized access. Do we need to have a api keys for this? Would there be plugin for this? Thanks

Resolved! zone name limited up to 15 charaters

Hello, Does anyone else think the 15 characters limit on zone name is a bit short? I submitted a FR and got rejected by PM already. since FR is based on customer feedback / vote. I hope other partners or customers had the same feeling to voice up and let's their SE know we want zone name longer than 15 characters!

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks