This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4246 Views
  • 0 replies
  • 0 Likes

Native RADIUS accounting, a welcome feature

This week i was asked to configure radius accounting as a source for user-ip mapping. I was very surprised to see that this is not nativly supported. In lots of ways it is the one of the nicer ways to be able to get user-ip mappings. And as other vendors do have this implemented i assumed PA would surly have it as well... Even though there are w...

Resolved! Unable to Create Encryption Setting

Hello Community, Can someone please tell me why when ever I try create an Encryption setting aes256, as shown in the image, it defaults to aes-128-cbc I'm run PA-VM software version 7.0.6 Thank you Carlton

aes256.png
aes128cbc.png

Getting Started: Layer 2 Interfaces

I have installed a VM-100 and was able to configure the management interface. When I go under the network tab all interfaces are showing as down. How do I get an interface to go into an up state?

Resolved! Google QUIC traffic blocked?

We're getting a lot of blocked traffic on UDP port 80 and 443. From looking into it this is Google's new QUIC protocol over Chrome. What is everyone else doing in this case? I'd prefer not to allow all UDP traffic over port 80 & 443. Any chance off an App-ID for this?

pmc by L2 Linker
  • 11436 Views
  • 5 replies
  • 1 Likes

Unexpected proxy ARP from NAT policy

Hi there, I had an interesting go round with PAN support involving proxy ARP and source NAT. Background: I don’t use the PAN for public ingress/egress traffic, for me it is for internal DMZs only. As such, I’ve not had the opportunity to utilize the NAT policy features. Things do change however and now I’m at a place where I plan on using t...

msullivan by L3 Networker
  • 5573 Views
  • 2 replies
  • 2 Likes

Licensing Costs

Hello Community, Can someone give me a general guide as to license costs. For example, if I wanted purchase, URL Filtering license or Antivirus or Anti-spyware license for a year, how much would that cost me as an individual as opposed to a corporation or a business? Thanks

Global Protect's lack of connection profiles is making everyone at my company very sad

We're in a situation where we have mutliple PA firewalls deployed and many of them have their own GP SSL VPN set up (e.g. Manangement range, lab, severeal different customer "islands"). The lack of "connection profiles" within the GP Client is a real pain point for us. We've talked to our client reps about this several times, including making ...

melliott by L1 Bithead
  • 8537 Views
  • 5 replies
  • 4 Likes

Resolved! Anti-virus Block Option Not Available

Hello Community, I would like to set an Antivirus action to 'Block', but for some reason that option isn't available, see image. However, it has been available on my other PA-VM. Can someone explain why I can't see that option here?

block.png

GP client doesn't populate the gateway after installing

When users download the GP client from my portal and install it, the gateway field is blank. I've configured the gateway in the Globalprotect Portal>Agent Configuration>Gateways. Is there a way to have the gateway information pre-filled?

Maxstr by L3 Networker
  • 2546 Views
  • 3 replies
  • 0 Likes

Timeout while waiting for response from agent.

Hi All, We are using kaseya for monitoring palo alto firewall it was working fine month back but suddenly it stopped and we are getting "Timeout while waiting for response from agent." for all the montors we set up for the anyboady know the solution for this? Regards, Kotresha

IPSec traffic being treated as "ciscovpn" applicatoin

Hi, Having an issue with IPSec tunnels. Sometimes (not all the time), phase 1 can't be established because IKE traffic is being treated as "ciscovpn" instead of ike and being discarded. Once I clear the session, the next session establishes correctly and works perfectly fine. Both sides of ipsec tunnel are terminated on Cisco routers. Is there a...

allarm by L0 Member
  • 6194 Views
  • 10 replies
  • 0 Likes

Resolved! Ageout

Hi all, I was able to ping external server from firewall and getting reply back from the server without any issues, however in firewall log it's showing aged out. Anybody know the reason behind this?why we are getting agedout after proper response from the external server?? Regards, Kotresha

Resolved! Override Loopback Interfaces pushed from Panorama

Hello, Is there a way to modify Loopback Interfaces in firewalls previously pushed from Panorama ? We cannot override it in the GUI with the override Button ? Tryed in 7.0.7 amd 7.1 Is this a supported Feature ?

rekuhn by L2 Linker
  • 3288 Views
  • 1 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks