General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Certificates not appearing in XML running configuration

Dear colleagues,

I am having trouble with the custom Nagios plugin check_paloalto, specifically with the "certificates" check.

The rest of the checks are working fine.

Basically, the "certificates" check leverages the API calls and parse the XML

...

Resolved! Panorama M-100 is not showing in my customer support portal software list.

Hi everyone,

I'm trying to download the software for Panorama M-100 software from the Paloalto customer support portal but it's not in the list.

appreciate if anyone can help me why M-100 is disappear from the software list ? Is base on users Id lev

...

Resolved! Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network

Recently Microsoft launched the new AI powered Bing search engine with the integration of chatGPT and Edge browser. There is some issue with the Prisma Access and chatGPT and users are unable to access it from the RN and as well as from the Prisma Ac

...

Resolved! Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSP

...

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

1. Issue: PBF does not operate normally when the public IP received from the line is a dynamic IP

2. Measures
- If the circuit IP is a static IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting
- If the line IP is a d

...

Understanding URL Filtering security profiles vs Rule Action

Hi!
I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this.

Let's say I have a security rule:

Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=A

...

Resolved! IKEv2 tunnel does not restore after HA failover

I have an IKEv2 IPSec tunnel that does not automatically restore after an HA failover. Once the IKE-SA and IPSec-SA is manually cleared, the tunnel eventually restores. I have other IKEv2 tunnels that restore after several minutes with no interventio

...

Cortex XDR: How to block execution of some unwanted apps

Hello All,

We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files.

Thanks in

...

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address. Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email.

Is there a way to turn that of

...

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error:

"email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid reference
email-scheduler -> Possi

...

Device Control Violations

how to download Device Control Violations data from the cortex

Resolved! Qualys scanner blocked

Hi,

We recently deployed Palo Alto and I notice that its blocking qualys scan on my internal network for the traffic passing through the Palo Alto vwire. How can allow all qualys traffic to pass through the Palo Alto?

Enable Device Telemetry with error message : Send File to CDL Receiver Failed

Hello,

I have PA VM100 with PAN OS 10.2.2. Enabling Telemetry and setting up the Telemetry Region as Americas. The status for Device, Product and Threat is always "Failed" with message "Send file to CDL Receiver Failed"

Any advise, suggestion or h

...