This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

Nested Policies Suggestion

Not really sure where to put this, but thought it might be a good idea and wanted to share it. Im still rather new to PA and so far I am enjoying it! However, I noticed after a while of creating and editing security policies it becomes quite a mess and difficult to manage. I believe if there is a way to create folders or nested security policies...

aimet by L0 Member
  • 2168 Views
  • 1 replies
  • 0 Likes

Two-factor PAN webconsole authentication

Hi,I would like to use a two-factor authentication for the administrators when they access the PAN-500 web console.With an authentication sequence I can use 2 ways to authenticate but I want to force the use of both. Is that possible?

Oasen by L0 Member
  • 5391 Views
  • 3 replies
  • 0 Likes

PANOS 71.2 GLOBAL PROTECT 3.0.2 Gateway Protocol error. Check server certificate

Hello, I'm using GP 3.0.2 on a Win7 PC (PAN OS 7.1.2). I'm getting error 'Gateway x.y.z: Protocol error. Check server certificate.' error message. I have already reinstalled the client on my computer. Same error message. My colleguea, using WIN 10, can connect without any problem. Using Dual Factor Authentication (Vasco and LDAP). Both authen...

licenselu by L4 Transporter
  • 2608 Views
  • 1 replies
  • 1 Likes

Cipher suites decryption 7.1

Hi guys, Configuring inbound SSL inspection on 7.1, decryption does not work with the newly supported cipher suites shown in the document below. https://live.paloaltonetworks.com/t5/PAN-OS-7-1-Articles/PAN-OS-7-1-Supported-ciphers/ta-p/71969 Only the cipher suites shown in the document below again work. The document above states that ECDHE...

Virtual System licensing question

Hi guys, I have never installed a virtual system so I am wondering how licenses for the Antivirus, URL filter etc are applied, are these applied to the base firewall or do we need to get a license for each virtual firewall hosted on the virtual system? Gerry

SSL decrpytion and TeamViewer

I was wondering if TeamViewer uses certificate pinning so I tried to decrypt it. I've set a simple decrypt rule to decrypt everything from one IP going to internet. But the rule doesn't seem to work for TeamViewer. All SSL sessions are decrypted but teamviewer-base isn't. I've also tried sharing file over it and I didn't see it in data log, also...

santonic by L6 Presenter
  • 4340 Views
  • 2 replies
  • 0 Likes

How to Remove Configuration Lock

Hi, How can we remove the configuration done on PAN by other admin, which has not been yet committed, but shows up on the configuration locks? Best regards, B.

Besfort by L2 Linker
  • 2876 Views
  • 1 replies
  • 0 Likes

No User ID in traffic logs (unless I filter soruce user afterwards) and User activity report blank

Has any one expereinced any issue to where the ACC shows source user-id but when ser report is ran its blank? Equallu I do not se user name in Traffic logs but when I filter by source user the name shows up. I tried restarting agent and everything still no luck. I also can see user name in User ID agent on windows machine

Dangers of creating a permiscuous IPSec VPN ( responder only) VPN

We have a business partner that wants to create an IPSec VPN tunnel with our PA-5050 using pre-shared keys, but they don't want to provide a Public IP address for us to peer with. Their other clients configure the remote peer address of 0.0.0.0 basically allowing any remote IP as a peer. My spidey sense is telling me this is a bad idea. The...

fmurray by L1 Bithead
  • 4091 Views
  • 2 replies
  • 0 Likes

What Firewall Change Management software is working with a PAN ?

Hi,Is there anyone that can tell me which Firewall Change Management ( Skybox, Tufin, Algosec,.... ) is REALLY working with a PAN ?Most of them claim they can do it, until you test it... nothing works...Some of them announce PAN support for next year.I would like to get in touch with someone who has really done this kind of integration and who i...

Resolved! DAGPusher and DAG

Luigi, Can you confirm DAGPusher name should match tag for DAG in PAN-OS? I can't have the DAG updated with Minemeld indicators Thanks Bertrand

Resolved! Site-To-Site VPN to VMWare VShield Edge?

Greetings all. We're in pre-deployment for our firewall and I'm attempting to get an Site-To-Site VPN tunnel set up to our VShield Edge setup in the cloud. I have a tunnel established but we can't seem to get anything across it. Troubleshooting so far: Verified on the Traffic Monitor I can see my pings going from my inside trusted zone to ...

jsalmans by L4 Transporter
  • 4751 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks