General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


Join Us for a Tech Deep Dive Miniseries!


Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.


Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real


jforsythe by Community Team Member
  • 3 replies

Resolved! Apps & Threats version 8434-6840 fails to install



I've had 2 separate NGFW's fail to install Apps & Threats DB version 8434-6840 with this message:

  • Error: Application group 'Wifi_Allowed_Apps' member 'visual-studio-live-share-direct' does not exist
  • Error: This content install has failed because ap

ShaiW by L1 Bithead
  • 5 replies

Resolved! Getting GPG error updating

We installed minemeld a year or two ago and have been running apt-get monthly with no issue. Today running apt-get had CRC errors shown below. I looked through this forum but didn't find anything that looked related. Any help would be appreciated.




TCP Reset being dropped at firewall



I have a client accessing a Citrix CAG via a firewall at one site on HTTP that I see traversing the FW, exist out towards the internal PA firewall reaches its destination.  The destination server is sending a TCP RST, we are told to redirect the br


Resolved! Multicast issue

AE1.1 is the static RP( and ae1.1 has assigned to it. All the routes are served by this sub interface and RP configured on switch is

AE1.2 hosts the mcast server and AE1.2 has gateway of



raji_toor by L4 Transporter
  • 1 replies

Resolved! Static Bi-Directional NAT translation



Is it possible to have 2 static bi-directional NAT rules configured for the same public IP address e.g. mapping one public IP address to 2 internal servers using the below linked config?


Ben-Price by L4 Transporter
  • 2 replies

Minemeld with FIPS enabled

Has anyone successfully gotten Minemeld to work when the PAN is in FIPS mode?  Getting an error when following the steps listed in a previous article. "Import of GoDaddy2 failed. Unsupported digest or keys used in FIPS-CC mode"




Internal host detection not Working

I have an external Gateway and I wish to setup always-on except when on local LAN. As a test i am doing this on my own username but it seems to always want to connect to external GW regardless of my settings.


I have turned on Internal Host detection


welly_59 by L3 Networker
  • 11 replies

User-Mapping Server Monitoring

Hi All,


Wanted to know the Best Practice for the User-Mapping with Server Monitoring, we have a few Firewall Sites which utilize the server monitoring feature whereas the vast majority others do not and use only windows User-ID agents for probing and


Dear Palo Alto Networks:

Your firewalls are generally okay.

But, the fact that you cannot get an interface bandwidth graph without configuring some QoS hack to only show an ingress interface traffic graph is stupid.

Every firewall vendor in the world has this feature. Except y


getting traffic after the interface is down

Hey guys hope you doing well I got a question I get a challenge one of my user getting traffic logs of NetBIOS by source Pvt IP from LAN to WAN the device from the source side is down the 2 Pvt IP still hitting the cleanup rule. The Policy is denied


Disable new apps in content update

Hi Experts,


We've a pair of firewalls (9.1.6) managed by the Panorama (9.1.6). We've Threat prevention license in place and client would like to install just the threats and not the apps by selecting disable the new apps in content update.

As recommen


Top Liked Authors