This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4432 Views
  • 0 replies
  • 0 Likes

How do I get a website's risk level lowered, since we know it is safe?

Earlier this week, I submitted a website that was blocked because it was categorized as malware incorrectly. This was corrected very quickly. Now that same website is blocked because it is listed as "high risk". We know that it is not. When I tried to use the same method to change the category, the message tells me I need to contact support to...

lloving by L0 Member
  • 2759 Views
  • 4 replies
  • 1 Likes

Resolved! Push Scope isn't showing and Commit button grayed out after upgrade Panorama

Hi, I'd like ask about the problem after upgrade our Panorama to newer version (11.0.4-h2) Before the upgrade, I can directly commit and push to the device without any problem after making some changes in policy. However, after the upgrade, I need to manually select the push scope under "Edit selections" and then we can commit it. Things to ...

KhoaDang by L1 Bithead
  • 2969 Views
  • 3 replies
  • 0 Likes

Resolved! Security policy not working properly

Dear Friends, We have a customer who created one security policy and in that security policy he added only firewall and Panorama IP as source IP address. Issue is that, when we are looking at the traffic logs then in that logs traffic of different source IP is also showing in that security policy which is not allowed in that policy apart from ...

could not unlock user

Hello, I'm sure this has been asked before, but I can't find an answer. Get a message of "could not unlock user" via gui. Is there any way to unlock an individual user via CLI? I'm on PAN 10.2.6 Thanks Rich

rcraxton by L2 Linker
  • 2572 Views
  • 3 replies
  • 0 Likes

Resolved! I am having Pan-OS integarted user Id

For some reason the Agent stopped working on the end user computer. when i checked the event log i came with an error for the id 10036 ( The server-side authentication level policy does not allow the user domain\user SID (X-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXXX) from address xxx.xxx.xxx.xxx to activate DCOM server. Please raise the activa...

PavanT by L1 Bithead
  • 84732 Views
  • 18 replies
  • 2 Likes

Replacing PA-5220 with a PA-3410 and need the best practice to migrate over configuration

Replacing PA-5220 with a PA-3410 and need the best practice to migrate over the configuration. Obviously the network interfaces are different and will require some cleanup, that and I know to match the PAN OS in the devices to avoid possible complications. Having not done this before what else should I look out for? Thank you!

Scolan by L0 Member
  • 4196 Views
  • 6 replies
  • 0 Likes

Resolved! trouble with GRE tunnel to Netskope

Scenario: Panorama managed VM-700s. 10.2.9-h1. using template stack. Netskope is a cloud web proxy. We setup new tunnel interface, GRE tunnel, static route, network monitor, allow rule, no-NAT rule, and PBF. We use a PBF because Netskope requires it. Clients don't go down the tunnel. I can't ping the probe IP from the clients nor from the f...

Filter manged devices summary by tag in Panorama

Do you know of a way to filter the searches of Manged Devices | Summary in Panorama. You can assign tags to devices, but it is not very useful, if you cannot filter by exact tag tag. You can search by the tag name, but it will only show any other results, e.g. device group or templates, which match the string. We have a few hundred devices and i...

2020-11-23_11-17-50.jpg
batd2 by L4 Transporter
  • 3920 Views
  • 4 replies
  • 0 Likes

Global Protect gateway configuration

Hi Guys I'm hoping someone can help me with an issue that is constantly being reported by our users. We have Global Protect rolled out to all of our users. On a regular basis, perhaps 2-3 times per week, I come across reports of slowness, poor performance, etc. Speed test download speeds with GP enabled show between 5-25Mb, but when GP is disa...

Specify IAAD for DHCPv6

Hi, I'm in the process of implementing a PA VM with full IPv6 on a Danish ISP. In order to get the /48 IPv6 prefix that they offer, I need to request it using a DHCPv6 client. However, it seems the ISP requires the DHCP request for prefix delegation to have IAID of 1. This works fine when testing with a linux running dhcp6c, where I can manu...

Ssl outbound decryption

Hello, when a client want to connect to a serveur on thé Internet ,the Palo Alto Networks device intercepts the client SSL request and generates a certificate on the fly for the site the client was visiting. In this step what will be the intermediate chain and the root chain of this new certificate? The same as the server on the internet? Which ...

Sarou22 by L2 Linker
  • 970 Views
  • 1 replies
  • 0 Likes

Unable to register for workshops

Hi All, Whenever I try to register for an event or workshop held by Palo Alto, I'm getting an error "Sorry, you cannot RSVP to this event with this email". Kindly help me resolve this issue. Regards, Shahwaz

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks