This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Netflix iOS tcp-rst-from-client

I'm having an issue with Nexflix not running on an iOS device behind a new PA install. Basically no filtering should happen from the PA at all; Nexflix runs fine with no PA in line. The configuration, which has most other applications and web access working: PA-3020, V7.1.4-h2 with 610 definitionsVirtualwire mode, with allow any, no profiles or ...

stuart.l by L2 Linker
  • 4058 Views
  • 1 replies
  • 0 Likes

Resolved! IKEv2 and PPPoE

Hello, Is there a limitation within the ipsec subsystem on the PA? Not being able to assign the ip address assigned to the unit via PPPOE to the tunnel. As below I have setup a static address on the interface, which is not available above: Thanks in advance.

IKE.png
Farzana by L4 Transporter
  • 4946 Views
  • 3 replies
  • 0 Likes

Resolved! Handling Google Mail (1e100.net)?

So our organization makes use of Google's cloud services as our email provider and it's a nightmare trying to control on the PA's as they don't accept wildcard's for IP's nor FQDN's. Challenge here is Google seems to send emails (SMTP) to every **bleep** *.*.*.26 and *.*.*.27 address on the planet (1e100.net servers) and gets old coming in ever...

PeterT by L2 Linker
  • 12387 Views
  • 11 replies
  • 0 Likes

Validation Error: profiles -> url-filtering -> <profile> -> license-expired Not available for PAN-DB

If during the switch from Brightcloud to PAN-DB the URL categories fail to migrate you will get a commit error on each profile that retains the Brightcloud URL categories. Validation Error:profiles -&gt; url-filtering -&gt; &lt;Profile Name&gt; -&gt; license-expired Not available for PAN-DBprofiles -&gt; url-filtering -&gt; &lt;Profile Name&gt; ...

Walhovd by L0 Member
  • 3908 Views
  • 1 replies
  • 3 Likes

GP Disconnects

Greetings, I am not sure if someone else has come across this issue before with global protect and just wanted to run by some of you guys. The issue that I am having with GP is that it randomly disconnects. The VPN connection perform fines when under relatively light load with no issues or disconnects. The issue arises when you begin to push the...

Traps - Change existing rule ID number

Hello All, It would seem to me that you are unable to modify the rule ID value of an existing policy in traps.Has anyone had any experience with this? I suspect you would be able to export the rule set, modify the XML, then re-import, but I was hoping for a way to just modify the ID number in console. Issue being, that although when new rules ar...

Ronen by L1 Bithead
  • 1969 Views
  • 1 replies
  • 0 Likes

Office 365 - not updating indicators for onenote, identifty planner, crl's

MineMeld is not retreiving indicators for o365 onenote, identity, planner, sway, office 365 video, crl's runing version 0.9.20. Is anyone having this issue? I've installed a second server fresh install of MineMeld and i'm seeing the exact same issue: Polls via logs but does not parse the data 2016-09-20T18:03:14 (4124)basepoller._poll...

onenote.PNG

VM-firewall available to create subinterfaces

Hello Community, I need to know if it is possible to create subinterfaces in the firewall, when the hyper visor is azure ? Because I need to configure subinterfaces and I can not see the option to create them. Best RegardsAndres Padilla

Apadilla by L3 Networker
  • 1841 Views
  • 1 replies
  • 0 Likes

Resolved! Application version 614

Hello Guys, New emergency application version is out 614. Checking the release notes not clear for me what exactly changed. I can see that Palo modified vulnerability signature. Ok what is it? and if l need this to be installed. Could someone clear it for me? Thanks all,Myky

APP release 614.PNG

Resolved! Quick Licensing Question

Does anyone know if I need to renew the GlobalProtect Gateway subscription if I'm currently only using IPsec Tunnels and have no plans on using the actual GlobalProtect Portal or Gateway on this particular set of devices. This is Post 7.0 since that seems to make a difference.

BPry by Cyber Elite
  • 2510 Views
  • 2 replies
  • 0 Likes

Third Party Remote Access VPN

Is there an official list of supported third-party VPN clients for remote access? Specifically is any version of the Windows native VPN client officially supported? Thank you,

Force updating and installing PanDB URL

Hi, In previous version to 7.0.x we went to DEVICE-&gt;DYNAMIC UPDATES-&gt;UPDATE URL FIltering packet. but in the new version i can see anything related to URL filtering PANDB update. How can i force my PA to download and install new DB URL PA1(active)&gt; show url-cloud statusPAN-DB URL FilteringLicense : validCurrent cloud server : s0300.urlc...

LSVPN Tunnel Lifetime

We have 1 LSVPN Tunnel that is disconnecitng everyday and reconnecting daily at same time. Is there a parameter I can adjust to make the tunnel active 24x7? Thanks

GUI Authentication via LDAP

Hi, i have followed the procedure to configure and it works as long as in the authentication profile the allow list is set to "all". The user is present in the administrators list, and i can login using my domain user password. Problem is, i want that to work against an AD group not "all". If i set a group mapping pointing to a specific AD grou...

myrdin by L2 Linker
  • 2522 Views
  • 2 replies
  • 0 Likes

Resolved! Integration Palo Alto PAN-OS v7.1.X. using Custom Log Format and improve QRadar (LEEF)

Hello Everyone!We have the following devices:QRADAR Version 7.2.7Palo Alto Firewalls PAN_OS 7.0.9Panorama PAN-OS 7.0.9Palo Alto Custom Log Format LEEFIf I use the "Custom Log Format" for setup my Syslog Server Profile, as you have shown us in the link I put below:http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.dsm.doc/t_dsm_guide...

lqs6cDV
SOC_CSG by L4 Transporter
  • 6679 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks