This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4433 Views
  • 0 replies
  • 0 Likes

decrypt-unsupport-param error with no decryption

We are receiving a decrypt-unsupport-param to a specific destination with no ssl inspection applied. I created a no decrypt rule and didnt apply a decryption profile so we weren't checking for expired or untrusted certs either. There is also nothing in the decryption logs for this destination IP address (we only log on failure) If I filter and...

Claw4609_1-1687892072473.png
Claw4609_2-1687892097915.png
Claw4609 by L5 Sessionator
  • 10563 Views
  • 5 replies
  • 0 Likes

Site-To-Site VPN Question

If we deploy a Site-To-Site VPN to one of our remote locations with a Palo Alto NGFW will our main hub firewall control the Threat/URL, etc... and Security/NAT rules for the other Palo Alto?

Doubt about migrate FW to Panorama

Hello team, I have a cluster of FW and Panorama both in version 10.2Tomorrow I will migrate a FW cluster to be managed from Panorama following the following KBhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClZSCA0Reviewing it, I have the doubt of when I should enable the option for the FW to receive the policies and ob...

Alpalo_0-1720698871940.png
Alpalo_1-1720699039382.png
Alpalo by L4 Transporter
  • 1319 Views
  • 1 replies
  • 0 Likes

Resolved! Is there any way to apply multiple interface management profiles

I have an interface management profile that allow HTTPS, SSH and PING on an untrust interface for specific IP addresses. My ISP cannot monitor this interface because their monitoring IP addresses are not in the list of permitted IP address. I don't want to add their IP addresses because I do not want these IP addresses to have SSH or HTTPS acces...

A.Rith by L1 Bithead
  • 2074 Views
  • 1 replies
  • 0 Likes

How to export disabled rules in Panorama

Hi All, I'm new here and was wondering if I could get some help on this. I am looking to export some rules including disabled rules in Panorama but what happens is only the live rules get exported though I did include the disabled rules. Can I please get some help on this. Thank you all. Nana

mnkpabi by L0 Member
  • 1742 Views
  • 1 replies
  • 0 Likes

Single sign-on-error

I am not able to create any case on support portal and getting the following error: "We can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help." Kindly help

Shyamb by L0 Member
  • 5222 Views
  • 4 replies
  • 0 Likes

OCSP Service Temporarily Unavailable

Hi team, I have configure an OCSP responder on my Panaroma, I do all the step of the documentation https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/certificate-management/certificate-revocation/online-certificate-status-protocol-ocsp. But when I generate an OCSP request, I recieve this :openssl ocsp -issuer cert.pem -cert cert.pem -...

Threat logs from DNS Proxy zone not showing source IP

We use DNS Proxy on 3 of our zones with the firewall IP as the address that the traffic is proxied to. In other words, the firewall proxies the network traffic with it's own IP address. However, in the threat logs, we have some threats that do not show the original source IP and instead show the firewall's IP as the source address, due to the ...

Doubt about Minemeld version 0.9.70

Hi team We currently have deployed a server (Minemeld version 0.9.70), Company Systems requires us to upgrade the operating system of this server. It is running Ubuntu Linux 16.04. We are asked to deploy a version that runs Ubuntu Linux 22.04. Is it possible to upgrade the system or deploy a new OVA with this need fulfilled? Regards

Alpalo by L4 Transporter
  • 1159 Views
  • 1 replies
  • 0 Likes

creating a customer account

I am attempting to create a Palo Alto customer account so that I may transfer a Palo Firewall that it I have purchased to it. I do not have a sales number for the purchase so I cant create an account. I am buying the unit from a partner. It is a unit to be used for training. How can I create an account????? Thanks in advance for shared wi...

Device Certificate not showing

Hello Guys, I have problem with device certificate, i have create the device certificate, but is not showing in GUI Palo Alto.but when i try to import configuration the certificate is showing.anyone can help me why device certificate is not showing in GUI ?

dwi.nur by L1 Bithead
  • 21464 Views
  • 14 replies
  • 0 Likes

ECCN for PAN-OS

Hello, I require the ECCN for your software, PAN-OS. I do not have access to the 'HW Accessory Cross Reference' link I have seen posted. Alternatively, please provide an email address to your Trade Compliance team so I can contact them directly. Thank you.

ECJTBBAE by L0 Member
  • 1590 Views
  • 1 replies
  • 0 Likes

Packet drops with Unknown-TCP

Hi Team, Need your suggestion on below. We have created a policy to allow access to a site with URL filtering. Created new category to the specific set of URL and then allowed the same in URL Filtering Profile and called the same in ACL. Source is set to LAN Range, Destination is set to Any, Application is set to Any, Service is set to Any, URL ...

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks