This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

DHCP issue in vwire

Hi all,Having a really simple archie with two ports in vwire (Allow all vlan and multicast on it), create a rule "trust to untrust allow all".Issue is for dhcp request, I have to create a rule allowing dhcp answer from untrust to trust ....In my mind there is no reason to do that .. If request is allowed, answer should be automatically.Maybe som...

VinceM by L5 Sessionator
  • 4006 Views
  • 4 replies
  • 0 Likes

Need help for HA Active/Active configuration with two ISPs with IPs in different subnets.

Hi All,In below scenario firewall external interfaces of both firewall has configured with IPs in the same subnet (topology 1)what if configured with the different IPs for different ISPs (topology 2). Kindly consider the above query all the HA Active/Active methods (Floating IP, ARP load sharing and Mixed mode of both).Thank you,Gururaj

Gururaj by L4 Transporter
  • 5127 Views
  • 4 replies
  • 0 Likes

Is it possible to block method POST in any website?

Hi guys, Our company don't want employee to post anything on internet so we're trying to create custom application that block method POST on http-request-message. But when we're trying to write a pattern. It's always pop up an alert to say that at least 7 bytes require. we've tried it so many ways such as [a-zA-Z0-9] but it still w...

Global Protect Portal/Gateway Certificate Issue

Hi,Just recently after upgrading to Global Protect Version 1.2.4 we started getting error messages on our external users laptops that there was an " CN Mismatch Name" but continuing still allowed them to connect..After determing it was a Common Name issue with the Device Certificate " web-server" - Subject "Local Host"I am now after some instruc...

acmi by L1 Bithead
  • 2688 Views
  • 1 replies
  • 0 Likes

Resolved! Daily packet capture limit of PA-3000?

I would like to know Daily packet capture limit of PA-3000 serial.Do you know this?other serial device is...>  PA-5000 : 786432>  PA-2000 : 131072>  PA-500 : 32768>  PA-200 : 65536Regards.

smaekawa by Not applicable
  • 4492 Views
  • 4 replies
  • 0 Likes

Certificate Error in Global Protect Portal

Hi All,I'm trying to setup the Globalprotect VPN and have followed the (only partially helpful) GlobalProtect-Configuration-4.1.pdf to create certs and set everything up. When I try to connect to the portal site with my browser I get a certificate error - "Error code: sec_error_bad_signature".It doesn't matter if I conect to the host name or the...

smithkopel by Not applicable
  • 35053 Views
  • 23 replies
  • 0 Likes

Resolved! IOS Global Protect APP - Required Client Certificate is not found

Hi l am trying to configure the IOS App with our PA 2050 and l am getting the message :Gateway " IP Address " : Required Client certificate is not foundI have installed a 30 Day Trial license of the Gateway to test this but still the same error message.. Do l need to import a security certificate to the IOS iphone ?Thanks Simon

acmi by L1 Bithead
  • 9175 Views
  • 5 replies
  • 0 Likes

How to control URL Filtering bypass by IP?

Hi all,How can the Palo Alto control the age-old URL filtering bypass of typing in the IP address of a site, rather than the hostname?As an example, some of our students last week did:1. www.minecraft.net via web browser is blocked (category: games)2. do an nslookup or dig for www.minecraft.net3. type IP address into browser and then get through...

Resolved! group mapping

Hi,We have 5 ldap profiles with different domains.When adding group mapping for each we can see all gorups without problem.After we add and commit all gorup mappings disappear in gorup mapping tab.(deleted)Any idea ?

Resolved! authentication profile LDAP

Hi,When l go to authentication profile and select "add" under allow-list for a LDAP connection it does not list all Active Directory Groups from our Domain ?We are currently on PANOS version : 5.0.3I also have the User ID Agent setup on both of our Windows 2008 Domain Controllers using version number : 5.0.1-2

acmi by L1 Bithead
  • 3507 Views
  • 4 replies
  • 0 Likes

Resolved! User Agent picking up domain service account instead of end user

We are running a 2008 R2 domain and the user agent is in and working. However, it keeps showing one of our domain service accounts on many (not all) of the reports and monitoring instead of the actual user that is browsing. We run the same service account that is showing up in the reports for our KACE agent and Sophos agent. Not sure if this ...

Resolved! System fan speeds?

Hi.I've recently implemented a new monitoring system (see thread in the devcentre forums) called Observium, and one of the things it does is read *all* the SNMP sensors out of the Palo Alto devices.I noticed that it was reporting the fan speeds on my PA as really, really high - like, 12000 RPM and above - and I figured it was a bug.But I just di...

darren_g by L4 Transporter
  • 6876 Views
  • 6 replies
  • 0 Likes

Resolved! 5.0.5 Management CPU?

So, I finally got to upgrade my 2020's to 5.0.5 (not been able up to now owing to operational requirements) after hearing from our PA rep's tech guys that it's mostly stable now, and he hasn't heard any bad reports on it.However, it seems the high management CPU bug/issue is back - my Management CPU is now running pretty constantly at around 60%...

darren_g by L4 Transporter
  • 6962 Views
  • 9 replies
  • 0 Likes

iOS Globalprotect VPN question

So I'm going through the document here:https://live.paloaltonetworks.com/servlet/JiveServlet/downloadBody/2016-102-8-14087/GlobalProtect-Config-Apple-iOS-RevD.pdfI have an existing / configured GlobalProtect portal for VPN usage for PCs/Macs. It looks like this (portal and gateway settings):http://imgur.com/Juwdzxqhttp://imgur.com/D9bwEwPIf I e...

bradenmcg by L3 Networker
  • 2703 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect 1.2.2 disabled Windows auto-login

We are rolling out the GlobalProtect client to our campus community and we came across this behavior. When we install the GlobalProtect client, it disables the auto-login feature for some of our Windows machines. This is a non-issue for me, but some of our users are complaining that they have to enter passwords. My question is simply, is this...

mcw015 by Not applicable
  • 4472 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks