General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Blocking Opera

Hi there,

I’ve recently discovered that some users have downloaded Opera and with this they can have unfiltered internet access. I am going to remove this software from the PCs but wanted to know if there is a way I can block this traffic using my

...

Error UserID

Hi, my users are having a error. sometimes when they try to access to any web, suddenly, the captive portal is shown (even if they are logged in domain). If they put the credentials in captive portal the web works and also if they logoff/logon the wi

...

Resolved! Report-based Logging Without Interfering With Policies

Hi PANland, I'm back with another implementation question th

So PAN devices log when you tell them to, but for their reports feature it seems that with or without logs they will keep unmutable counters of very basic information that has to be parse

...

Resolved! Can't remove vsys specific SSL TLS Service Profile

This is a strange issue.

PA-3020 recently upgraded to 7.0.4. The firewall is in single vsys mode.

I installed new SSL certificates for Global Protect. Somewhere during the process of installing the new certificate and upgrading to 7.0.4, an ssl

...

ESM service account rights

When I try to install the ESM core and console with a service account that does have the logon as a service rights but not administrator rights, I keep running into issues. As I don't like to grant full admin rights to a service account on a box I'd

...

Resolved! How do I identify which PC made a suspicious DNS query?

Hello

I have setup the Anti-Spyware Profile in our firewall and I have a lot of threat logs of type spyware suspicious DNS queries from a domain controller machine and this is cleansed.

Monitor > Logs > Threat list

As you can see I have configure

...

Resolved! Cisco VPN traffic

If a vpn tunnel has been successfully established from a cisco device and passing through the PA firewall, is it possible for the PA to still drop the traffic destined for the established tunnel?

Resolved! URL Filtering - Exception Policy based on Machine

Need a way to except a machine from the URL policy. Currently I can only find a way to except a user level however, I have one machine that is not on the domain that is used to communicate to several external services.

Shadow rule warning messages

Hi All,

I have PA-5050 with version 6.0.9 with multi Vsys. I am migrating from perticular Vsys configuration from PA-5050 to PA-3050 physical box. I exported the config from one Vsys from PA-5050 to PA-3050. While committing on PA-3050 I can see sh

...

HA Preemption and Session Syncronization - you need HA2

For whatever reason I didn't see the need to configure HA2. But while testing HA I could not get preemption to work. I read everything I could find online and got frustrated that it would not let the designated firewall take back control automaticall

...