This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4440 Views
  • 0 replies
  • 0 Likes

Fuel Spark Event Discussion: AI in the Age of Cybersecurity (May 23, 2024)

Fuel User Group is hosting a virtual Spark User Summit on May 23: AI in the Age of Cybersecurity. This special event, from 9:30 until 11 a.m. PT on Thursday, May 23, is dedicated to AI. Join cybersecurity experts and Fuel members from around the world for an insightful virtual session with Rob Rachwald —Director of Product Marketing, Palo Alto...

jforsythe_0-1716475067826.jpeg
jforsythe by Community Team Member
  • 2178 Views
  • 1 replies
  • 3 Likes

Agentless USER-ID timeout

Hello, We have USER-ID setup to get our wifi logs and that is working well for most of our devices however we have an issue where the iPads will initally get a connection but then after timeout period set in User Identification Timeout they remain connected without a username and therefore will have no access. The ipads never drop wifi even wh...

Schedule Export of Configuration Files Questions

Hi All,My goal is to set up a daily backup of Panorama/Firewall Configs. Regarding config backups, does anyone know if the OS matters? For example, the SCP/FTP server is UNIX vs Windows where the logs are stored?I also understand only Panorama can do this. How would I do this with all firewalls? The article below states that "Panorama saves a ba...

NevinN by L0 Member
  • 9999 Views
  • 7 replies
  • 1 Likes

EDL with ending token is not valid

Hello Guys, Im having a problem with EDL, some while ago a pop up start appearing when creating or opening an External Dynamic list, suggesting that append an ending token when using domains, i try to append a token "/" without the quotes obviously, but when i configure ex: google.com/ this entry is invalid and not shows on the list the EDL is...

Resolved! Static routing and VPN tunnels failover/monitoring configuration with Dual ISP implementation

After upgrading PA-220 from 9.1.18 to 10.2.x previously "healthy" Tunnel and Path monitors for VPN tunnels were up and down, constantly re-keying on the remote end. We managed to solve the re-keying issue (only IPSec was a problem, not the IKE), and removed one of the monitoring solutions - tunnel monitoring as requested by PA TAC, with only P...

openssh vulnerability clarification

Team, Below Advisory mentioned that openssh 7.9 is affected with few vulnerabilities and on upgrade to 8.1.13 will resolve it.https://security.paloaltonetworks.com/PAN-SA-2020-0002 but below pan os open source listing mentioned as openssh version is 6.4 is used. So can you please confirm whether update is required and whether updat...

GP users stop working each 30 minutes

We currently have version 6.1.4-711 of Global Protect deployed for the establishment of VPN sessions for teleworking users against our perimeter PAN FW. Panos is 10.2.8-h3 We have a group of users (a small part of the total) to whom Global Protect indicates that they do not have an internet connection (when they do) and their communication with ...

BigPalo by L4 Transporter
  • 2545 Views
  • 4 replies
  • 0 Likes

Automatically generate a network diagram for auditors

There is such rich data stored in this tool, is there way to generate a network diagram? I need to have up-to-date network diagrams for SOX and PCI audit every year. It would be awesome to have a diagram generated that I could review/update and then hand over to auditors. It would also be helpful during production issues to quick overviews of m...

WJLennon by L0 Member
  • 4416 Views
  • 3 replies
  • 1 Likes

GlobalProtect Prelogon tunnel and Portal authentication

Looking for assistance on a GP setup. I want to have a pre-logon tunnel (certificate, always on) and a portal, which uses SAML authentication. I also need the user to have to re-authenticate any time they disable, sign-out, reboot, etc. The problem I'm running into is because the portal uses SAML auth, the portal communication during pre-logon ...

JamesH1318_0-1715954968880.png

Disable and re-enable the 2FA for GP VPN connections

Dear community, What is the best way to temporarily deactivate 2FA authentication for Global Protect VPN SSL connections and enable authentication solely via LDAP server by entering the username and password, we aim to seamlessly reinstate the 2FA authentication without any disruptions or the requirement for end users to re-register their 2FA a...

TammamA by L1 Bithead
  • 1538 Views
  • 1 replies
  • 0 Likes

Unable to find the reason for packet drop

Hello, In our Palo Alto the traffic is allowed on the firewall but it is not working. When we did packet capture we found that return traffic in drop stage. To find the cause of the packet drop I have set the filter using 'Manage Filters' in GUI then use the following command. debug dataplane packet-diag set filter on but I am unable to se...

Palo lato firewall is not fetching latest dynamic updates and software updates

Dear Friends, We have a customer who is not able to fetch latest dynamic updates and software version. we checked, ping reply is coming from updates.paloalto also address is getting resolved, we restarted device-server and management server also we cleared the session from CLI we tried almost everything, then we rebooted device, but no luck ...

Slow GlobalProtect on PA-1410

Trying to see what might be going on with our PA-1410 after we upgraded to 11.0.2-h4 from 11.0.2-h1. We have tons of tickets for slow GP connections since that upgrade a few weeks back. We have a 1gb link and average usage is <100mb. Users will connect to GP, go to the file server, go to open an Excel file and you'll see Excel saying it is...

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks