General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! block file on specific endpoint cortex agent

Hello, I want to block an executable in the Cortex agent configuration but on a specific endpoint. can you help me? thank you

Cortex XDR

PA 440 MGMT Interface and Regular Interface

Good afternoon all,

I am very new to this field and I wanted to acquire some knowledge or perhaps a better explaination. Looking at all of these videos online I think some basic fundamentals are missing in terms of real world scenarios; and not so

...

SSL decryption issue on Palo Alto firewall

Secondary IP and DHCP

Greetings,

Say we have an interface that is configred the following way:

e1/2.240

Tag: 240

IPv4 Address (two addresses on the interface):

-10.10.100.1/24

-192.168.100.1/24

Now, if that interface is configured as a DHCP relay, which network is it going to se

...

PA 850

hello

we have deployed a HA 850 series cluster

we have users complaining about problems with:

voice quality on MS Teams

screen freezes

video & audio out of sync

Q is there a configuration I should use to optimise the MS Teams network performanc

...

Resolved! Understanding some counters from pow performance during high CPU troubleshooting

Hi all,

I was troubleshooting one of our customers pa 5220 high CPU utilization based on this KB article:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmV2CAK

It gives a pretty good explanation of how to interpret t

...

{"status":500,"timestamp"

i am trying to register a new account to register a product... getting an error message

{"status":500,"timestamp":"2024-01-14T16:30:48.473895602Z"}

Resolved! PA 220 Dataplane restart automatically.

Hi Team,

We have noticed that our PA 220 device data plane has been restarted automatically.

Pan OS: 10.0.6

Please find the logs below,

2021-09-24 10:36:23.126 +0530 INFO: flow_ctrl_pktlog_forwarding: exited, Core: False, Exit code: 0
2021-09-24 10:36

...

ARP refresh in firewall if replacing the connected device

we are changing the core device hardware connected to Palo alto firewall inside interface. To minimize downtime we will be moving inside interface of secondary passive firewall to new secondary core and then we will make it active by suspending prima

...

Resolved! Features column in Network Interface shows an IPSec Gateway

I have a HA pair of PA 5220s at the HQ location and a PA-850 at a secondary DR location. We have about 100 remote sites that have a primary Site-to-Site VPN connection to HQ and a secondary connection to the DR location. Each of which have their own

...

Impact of license expiry

I need the impact below license expiry. This is not in terms of any OS version. This is a gen query.

-SD WAN License
-BrightCloud URL Filtering
-GlobalProtect Portal
-GlobalProtect Gateway

I intend to get the below bullets:-

-What one can s

...

description contains 'Failed to connect to address: x.x.x.x port: 3978, conn id: triallr-x.x.x.x-x.x.x.x' )

ipsec vpn, global protect is not set.

34.122.191.141 > google address

200.200.200.200 > loopback address

I found a Cortex logging service error, but I don't know how to solve it in detail.

https://knowledgebase.paloaltonetworks.com/KCSArti

...

PBF Rules being ignored

I have setup several PBFs to force traffic to use a specific egress interface for monitoring that particular path. I then setup a ping monitor on one of the servers, Source Address 192.168.200.15, to ping several different Destination Addresses (DA)

...

Resolved! Confused about HA Path Monitoring recovery (Preemptive loop)

Hello,

So this is a document: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhJCAS

Which states:

When a link or path monitoring (or both) failure condition is detected by the HA daemon on the Active device, it moves in non-f

...

Active Directory Users & Computers slow over GlobalProtect

We are experience an issue that I am curious if anyone else has encountered. When any of us IT folk are VPN'd in via GlobalProtect (tested on different internet connections, hardwired and wifi) whenever we open up MSFT Management Console Active Direc

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! block file on specific endpoint cortex agent

PA 440 MGMT Interface and Regular Interface

SSL decryption issue on Palo Alto firewall

Secondary IP and DHCP

PA 850

Resolved! Understanding some counters from pow performance during high CPU troubleshooting

{"status":500,"timestamp"

Resolved! PA 220 Dataplane restart automatically.

ARP refresh in firewall if replacing the connected device

Resolved! Features column in Network Interface shows an IPSec Gateway

Impact of license expiry

description contains 'Failed to connect to address: x.x.x.x port: 3978, conn id: triallr-x.x.x.x-x.x.x.x' )

PBF Rules being ignored

Resolved! Confused about HA Path Monitoring recovery (Preemptive loop)

Active Directory Users & Computers slow over GlobalProtect

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

IKEV2 w Cert - Wildcard peer for DN does not work.

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! block file on specific endpoint cortex agent

Resolved! Understanding some counters from pow performance during high CPU troubleshooting

Resolved! PA 220 Dataplane restart automatically.

Resolved! Features column in Network Interface shows an IPSec Gateway

Resolved! Confused about HA Path Monitoring recovery (Preemptive loop)