General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Skype-Probe Problem

Hi All,

It's again me, with my issues! :smileygrin:

I was asking for this issue once, but didn't find any solution.

So there were going Skype-probe requests to an XXXX.XXXX.XXXX.XXXX ip address with application(Skype-Probe).It took one week.Then when w

...

I've noticed an incomplate request to 111.111.111.111

Hi Guys,

On PAN's Monitor tab i've noticed that one of our hosts(user's computers) send periodically some packets to 111.111.111.111 and receive any packets.on Application tab it stays incomplete!what is the shit?Did anyone have the problem like this?

...

Is there a similar service like IP SLA so the firewall can change default routes as a result of a certain condition

I was just curious...if I have 2 internet feeds but am not peering - I use ip/SLA to guanratee service. If a ping to 4.2.2.2 fails, it drops the current default route and the other default route with the higher AD is the active default route.

Is ther

...

DNS not DNS? Strange UDP 53?

I am seeing a huge amount of traffic outbound from my DNS server that seems to be being dropped by the firewall. Its being dropped because my application rule says "allow DNS server to talk DNS to the internet", it doesn't match that (because its not

...

Resolved! AD Group for Authentication

Let's say I have 150 users in an AD group and I need to give them all login access to my Palo Alto device farm. How do I do that?

Inconsistent documentation on zone protection

Hello,

Palo Alto's documentation is inconsistent on the behavior of flood protection when it is applied by a zone protection policy.

1) "Threat Prevention Deployment Tech Note - Version 2.0 RevA", page 44 says that the zone protection based flood prote

...

Resolved! Source and Destination NAT at the same time

Hallo

Before going to my question, please assume the following scenario:

There is a Non-Palo Alto Firewall in internet (lets call it FW-Extern). There is another Non Palo Alto Firewall inside my network (lets call it FW-intern). The FW-Extern initiates

...

Pa VPN IPsec

Hi,

i have a question regarding the VPN IPsec on Paloalto , is palotlo must be in front end when configuring the PA

Regards,

Sarah

Resolved! URL filtering - incosistency with online BrightCloud database

Hello.

A while ago website www.rk-celje.si was recognised as malware-site. But in last couple of months the website seems to be clean and online BrightCloud lookup (URL/IP Lookup | Webroot BrightCloud) recognises it as 'Trustworthy' and categorizes it

...

i created a policy to allow 1099 and 9002 for many servers. but it is working for few servers only not for all and few 1099 is working but not 9002.

Resolved! Sophos HIP Requirement for GlobalProtect

Trying to add Sophos End Point Security and Control as a HIP requirement to be installed for users connecting with GlobalProtect. Sophos End Point Security and Control is not showing up as a vendor in the list. Sophos Antivirus is in the list but is

...

Resolved! IPS - new signature's action set to default instead of the action specified in rule

Hello.

I have a general IPS profile with a rule (named block-crit,high) which includes all signatures with severity 'critical' and 'high'. Action for the rule is set to 'block'. I have automatic updates on for IPS signatures. Yesterday a new signature

...

Scansafe to PANDB URL Category Mapping

Hi All,

I'm searching for the mapping between Scansafe and PANDB URL categories.

Scansafe categories to be found here:

Web Filtering Categories - Cisco

Thanks for any input you can provide.

Stijn

Response Pages Customized not working

Hi,

i have customized a response page for application blocking. I have uploaded my customized page in "shared" and enabled But i try to access to any app not allowed like facebook and the page is not being showed...

my PANOS is 6.0.4

thanks

opaque: "Disk usage exceeds limit, 98 percent in use, cleaning filesystem"

Hi Guys,

What should i do? who can help me?

Thanks in advance

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Skype-Probe Problem

I've noticed an incomplate request to 111.111.111.111

Is there a similar service like IP SLA so the firewall can change default routes as a result of a certain condition

DNS not DNS? Strange UDP 53?

Resolved! AD Group for Authentication

Inconsistent documentation on zone protection

Resolved! Source and Destination NAT at the same time

Pa VPN IPsec

Resolved! URL filtering - incosistency with online BrightCloud database

i created a policy to allow 1099 and 9002 for many servers. but it is working for few servers only not for all and few 1099 is working but not 9002.

Resolved! Sophos HIP Requirement for GlobalProtect

Resolved! IPS - new signature's action set to default instead of the action specified in rule

Scansafe to PANDB URL Category Mapping

Response Pages Customized not working

opaque: "Disk usage exceeds limit, 98 percent in use, cleaning filesystem"

Upgrade from version 10.2.7-h8 to 10.2.11-h2

IPSec setup with certificate

UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Site flagged as GRAYWARE Please Help!!

HA State is "not sycned" even though Sync Task is completed on Peer (Passive) Gerät)

Support Portal is down.

Error while logging into PaloAlto Support Website

Re: User ID agent not starting.

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Re: Sofware Upgrade broken? "An active license is required for this feature"

Unlock your full community experience!

Resolved! Skype-Probe Problem

Resolved! AD Group for Authentication

Resolved! Source and Destination NAT at the same time

Resolved! URL filtering - incosistency with online BrightCloud database

Resolved! Sophos HIP Requirement for GlobalProtect

Resolved! IPS - new signature's action set to default instead of the action specified in rule