General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Skype - Cannot add Contacts and Skype Home Page Unavailable

Greetings,

I have come across an issue which is confusing me and I am running out of options to find a solution:

PANOS version: 4.1.9

User-ID agent : 4.1.3-2

I had issues with ip-user mapping and group-mapping ever since I've upgraded to 4.1.9. Any new

...

Resolved! Maximum number of virtual wire on PA 500

Hi all,

I try to found the suitable PAN model for support my environment. I design PAN to support 2 virtual wire and 1 NAT network. I'm not sure that PA 500 will support 2 virtual wire. I prefer throughput and session number that support by PA500

...

Resolved! Security/App-ID Bypass?

Can someone within Palo Alto Networks comment on this video? This seems like it could be an easy attack vector...

Palo Alto Networks Security Bypass - YouTube

Resolved! Maint partition is empty

Hello, I have two PA-2020 in an HA Active Passive scenario. Just looking around in my CLI, I noticed that the maint partition is empty on one of my nodes, but has an older 4.0.3 on the other node.

Partition State Version

-----------------

...

Upgrading 4.07 to 4.1.2 in HA environment

The following change log may be useful to all of you wondering how an upgrade goes in an HA active-passive pair. It would be nice if PAN support were to put this into a tech note. Each step is essentially a check or an observation from top to bottom.

...

Resolved! HA recovery advice after upgrading Active first

Being a newb and never having updated my Active/Passive HA pair, I took the 4.1.10 release notes at face value. There is no mention of special provisions for HA upgrades so I clicked "install" and now have a 4.1.10 Active member and a mismatched 4.1.

...

Reports - i cant see source ip complete.

Hi,

I have a PAN-2050 (Software version 4.1.5) and i have configured a predefined report with diferents tops (top 5 connections, top 5 destinations, top 5 applications). The problem is that when i dowload and see the PDF with the report i cant see the

...

Agentless User-ID not processing ingore-user list

I've been working on trying to configure all the firewalls with the Agentless User-ID setup but despite several attempts to enable it I cannot get it to ignore users.

I establish a session and enter config mode and type in the command set user-id-coll

...

Resolved! issue downloading release notes

I've been having issues downloading release notes regularly. The download doesn't even start, no matter if initiated from the support page or from the PA UI (Device-Software).

Not a policy issue...

Anyone else noticed that ?

SSL VPN client is sending the PA traffic with other local interface IP

I realised that some traffic from several remote clients is going through the firewall with another remote-local IP address, different from my remote assigned-pool. Obviously, this traffic is beeing dropped. It happens with users accessing correctly

...

Resolved! Installing an Intermediate CA

I'm getting the following error when I perform a commit on a PA-3020. PAN-OS 5.0.1. I know I'm doing something wrong. I'm new to installing certs so feel free to point and laugh.

I had a certificate signed by GoDaddy for use by Global Protect. It

...

Intermittent Group Membership problem

We are currently having a problem with a new domain where the group membership intermittently disappears.

If you run the command "show user user-IDs match-user domain\" (4.1.x) or "show user pan-agent user-IDs match-user domain\" (4.0.x) it shows use

...

Resolved! How to import device configuration into Panorama ?

Hello,

We have a customer who has installed and configured a PanOS 5.0.0 A/P cluster of devices a few time ago.

Now he has bought a Panorama licence to centrally manage and report his devices.

Is there a quick and straight way to import devices congigur

...

BGP Route Table

So in discussions with a few customers the BGP functionality has come up when peering with ISPs and replacing dedicated BGP equipment. The route table size on the PAN5060 is roughly 64000 routes. Most Universities have tables upwards of a 1/2 Milli

...

two factor authenticaton tokens with PAN firewalls...

I am looking for a two factor authentiction solution for PAN firewalls (Global Protect). particularly interested in a Mobile phone base app to provide security token or OTP to authenticate users via Global Protect. Anybody have any good or bad expe

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Skype - Cannot add Contacts and Skype Home Page Unavailable