This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Resolved! Device - certificate based authentication

I am attempting to implement this in my home lab. Has anyone done this? Basically the situation where if a device connects to the network, it should have a certificate installed from my CA. If it does not, then a security policy (or other policy) should deny the device network traffic. Some articles suggest the use of GlobalProtect but I do not ...

DHCP Realy

Hello, I have an issue related to DHCP Relay, I configured it on my Palo Alto to allow users to get IP from the DHCP server behind the Palo Alto but it not working can anyone help me how can I troubleshoot this issue to check if this issue from Palo alto side or not

amr.ali by L0 Member
  • 1871 Views
  • 1 replies
  • 0 Likes

Resolved! SSO Palo Alto Support Portal

Hi everyone,is it possible to have SSO Accounts (Azure AD) and non SSO Accounts simultaneously in the Palo Alto Customer Support Portal (CSP)?In the future, we want to have one set of SSO Accounts and a pair of Emergency Accounts (non SSO), if the ISP is not available.Kind regards.

Resolved! Can't find the "Republic of Kosovo" in the "Firewall Region Code Legend"

Hey, new to the community today! I've searched the LIVEcommunity discussions and the web, but couldn't find any solutions or anything related to such a problem. We have geo-blocked every country in the world by default and add countries to an exepction rule whenever needed. Today I was asked to grant a client access from the Republic of Kosovo...

WildFire auto update agent failed to download Wildfire version 865169-869036

Hi , i receive alert through email that the WildFire auto update agent failed to download Wildfire version 865169-869036 on April 16 2024 at 15:01:48 GMT , 23:01:48 , 16:23:01:48 but when i go through the System logs, it doesn't show the version 865169-869036 is failed to download or success to install. a newest successfully wildfire packag...

alert.png

Resolved! PAN-OS 10.2 PPPoE on Layer 3 Sub-Interface?

Is there any way to get PPPoE working on a Layer 3 sub-interface in Pan-OS v10.2? I recently purchased a PA-220 for personal/study use. My ISP, Century Link, provides Internet access via VLAN 201/PPPoE. I'm currently running an ASA 5506 at the edge, which handles this configuration just fine. I'd like to swap it for the PA-220 but it seems l...

Trial copy

Hello . How to get trail copy of panos /firewall ? for kvm shrikant pune-india Thanks

shrikant by L2 Linker
  • 1650 Views
  • 4 replies
  • 0 Likes

Issues running VPN for UI Debian distribution

Hi all, I'm running 64-bit Debian Bookworm on a Raspberry Pi 5 and if I try running sudo dpkg -I GlobalProtect_UI_deb-6.1.4.0-711.deb, I get the following output in the terminal: electing previously unselected package globalprotect. (Reading database ... 128244 files and directories currently installed.) Preparing to unpack .../GlobalProtect_U...

decrypt-unsupport-param error with no decryption

We are receiving a decrypt-unsupport-param to a specific destination with no ssl inspection applied. I created a no decrypt rule and didnt apply a decryption profile so we weren't checking for expired or untrusted certs either. There is also nothing in the decryption logs for this destination IP address (we only log on failure) If I filter and...

Claw4609_1-1687892072473.png
Claw4609_2-1687892097915.png
Claw4609 by L5 Sessionator
  • 10453 Views
  • 5 replies
  • 0 Likes

Site-To-Site VPN Question

If we deploy a Site-To-Site VPN to one of our remote locations with a Palo Alto NGFW will our main hub firewall control the Threat/URL, etc... and Security/NAT rules for the other Palo Alto?

Doubt about migrate FW to Panorama

Hello team, I have a cluster of FW and Panorama both in version 10.2Tomorrow I will migrate a FW cluster to be managed from Panorama following the following KBhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZSCA0Reviewing it, I have the doubt of when I should enable the option for the FW to receive the policies and ob...

Alpalo_0-1720698871940.png
Alpalo_1-1720699039382.png
Alpalo by L4 Transporter
  • 1291 Views
  • 1 replies
  • 0 Likes

Resolved! Is there any way to apply multiple interface management profiles

I have an interface management profile that allow HTTPS, SSH and PING on an untrust interface for specific IP addresses. My ISP cannot monitor this interface because their monitoring IP addresses are not in the list of permitted IP address. I don't want to add their IP addresses because I do not want these IP addresses to have SSH or HTTPS acces...

A.Rith by L1 Bithead
  • 2027 Views
  • 1 replies
  • 0 Likes

How to export disabled rules in Panorama

Hi All, I'm new here and was wondering if I could get some help on this. I am looking to export some rules including disabled rules in Panorama but what happens is only the live rules get exported though I did include the disabled rules. Can I please get some help on this. Thank you all. Nana

mnkpabi by L0 Member
  • 1707 Views
  • 1 replies
  • 0 Likes

Single sign-on-error

I am not able to create any case on support portal and getting the following error: "We can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help." Kindly help

Shyamb by L0 Member
  • 5028 Views
  • 4 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks