This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4436 Views
  • 0 replies
  • 0 Likes

Resolved! USER ID MAX USERS IN A GROUP???

Hello,I've configured on PA5060 an Idenfication with AD:PA5060: 4.1.6 USER ID AGENT : 4.1.4-3LDAP SERVER 389 I do a group mapping by group but this group have more than 16000 users.when I do a show user usersIDS , I can't see all my users. I know that AD have a limitation of page size to 1000 users by request.do you know if they are an limit...

alle by L3 Networker
  • 19409 Views
  • 10 replies
  • 0 Likes

Can't install device certificate

Hello, I'm trying to install a device certificate as instructed in the manual. I generate OTP using my account, I indeed see my valid serial number, get the OTP. Then I copy-paste to the firewall GUI and get the following error: I'm connected to the internet, did setup of DNS and NTP servers. Thank you very much.  

Screenshot 2024-04-17 173742.png
YonatanG by L1 Bithead
  • 1792 Views
  • 2 replies
  • 0 Likes

TS agent SSL error

Hello, I've been trying to add a new TS agent on my firewalls. As there is no redistribution for user-{ip+port} mapping, I want to map the TS agent to 2 FWs. Backend FW is connected correctly, Frontend FW is in error.I can capture the following between FW and TS agent :- FW to TS : SYN- TS to FW : SYN/ACK - FW to TS : ACK- FW to TS : RST I've g...

MMerlier by L1 Bithead
  • 7119 Views
  • 4 replies
  • 0 Likes

Resolved! Edit personal information

I'm trying to update some personal information (my last name), but when i save the configuration, it doesn't actually save. On the other hand, my last name changed and now its my name (Lucas Lucas). Please help me, i can't find any Customer Service number about problems like this one, only TAC.

loropeza by L0 Member
  • 1870 Views
  • 2 replies
  • 0 Likes

403 forbidden error while importing IDP fiile

Hii, I have been trying to import G suit IDP file in SAML Identity provider on palo alto VM firewall but for infinite time its just showing message "uploading" without showing any error message. when I checked in network tab of inspect element I can see the error 403 Forbidden. Not sure why its coming like this as same IDP file I am able to ...

Resolved! PING from Firewall GUI

Hi All, I have a basic doubt.Isit possible to ping from firewall GUI ?If not from Panaroma CLI, isit possible to connect firwall ( to test the ping from firewall to host ) Reason : To check the network latency from fireawall. ThanksKM

Resolved! PA-220 to PA-440 Migration Recommended Process

I need to migrate 2 stand alone PA-220s to PA-440s. The current PA-220s are running PAN-OS 10.2.4-h2. I would like to know the recommended process for doing this. Can I backup the configuration and system state and restore it on the PA-440? Do I use Expedition to migrate the current config to the new firewall? Thank you in advance

Import TXT or CSV to an Address Group?

I have a TXT file (I could also save it as a .CSV) of about 2000 known bad IP addresses I want to block traffic to/from. Is there a way to import this list into an Address Group? I see an option to download a dynamic list but I would then have to host the file somewhere externally and have the palo download it. Is there an easier way to do this?

j_della9 by L0 Member
  • 10947 Views
  • 4 replies
  • 1 Likes

NAT mapping public to private IP

Hello all, I have been updating our NAT policies within our PA-3220 to specify traffic translation mapping from our public addresses to private addresses. After committing the changes the traffic has only been routing to the catch all NAT rule at the bottom of our NAT policies. I am concerned that I did not configure everything correctly after...

IKEv2 IPv6 tunnel with dynamic endpoint from one IP

With IPv4 it is possible to build multiple IPSec tunnels from one interface IP with dynamic/unknown destinations and separate them based on the IKE peer IDs. That configuration is accepted by the firewall.As for IPv6, as soon as one source interface is used for multiple IPSec tunnel with dynamic peers, the following error is shown during commit:...

nikoo by L3 Networker
  • 2925 Views
  • 2 replies
  • 0 Likes

Release dates for PAN-OS

Hello all, Can anyone provide me the release dates for the following in regards to PAN-OS:10.0.410.0.510.0.610.0.710.0.810.0.910.0.1010.0.1110.0.12 Thank you

jsmoove by L0 Member
  • 1201 Views
  • 2 replies
  • 0 Likes

Reverse proxy for Exchange ActiveSync

We have a Palto Alto cluster and I want to use them as reverse proxy for our Exchange inbound trafic. We activated decryption for this trafic and we want to allow only ActiveSync trafic / application. It did not work with only allow ActiveSync application, we also had to create another rule to allow web-browsing to URL */microsoft-server-activ...

karsayor by L0 Member
  • 2436 Views
  • 2 replies
  • 0 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks