General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Blocking via file extension (Text only)

Am I able to block via file extension, the text file extension ony, without any inspection and/or identification by the Palo Alto unit?

I want to block jar files but the PA keeps telling me they are zip files and then allows them. I would like to bloc

...

Many "not-resolved" category in URL Filtering log when using "URL Category" column in Security rules

Hi, all,

First, my customer doesn't buy "URL Filtering" license.

I use the "Custom URL Category" in the "URL Category" column at Security rules, as the attachement named "security-rules.png".

https://live.paloaltonetworks.com/servlet/JiveServlet/downloa

...

Polycom Real Presence issue

Hi (it's my day for asking questions, it seems).

We have a client who desires that we connect to a Polycom video conferencing system using some software called "PolyCom Real Presence".

The trouble is - it doesn't work, or works intermittently - sometim

...

Resolved! Help: how to use dynamic block list

Hi all.

I want use " Dynamic Block List" to block some IP.

I creat a IP list on a local web servers

But I can't import list in to Palo Alto?

Something wrong?

Pls help me.

Thanks

PBR on 5.0 with redundant internet connections questions

Hello All,

New to Palo Alto. I think PBR is working right. But functionality is not what I wanted to happen.

I have Cisco DMVPN from all my remote sites to my corporate site. This tunnel is created inside of the firewall.

my desired affect is to have

...

Resolved! Cant select app to clone

This might be a dumb question but I am having trouble cloning the Oracle application in the GUI. I have admin rights, there are no pending changes, and I've tried this from 2 different browsers. I find the application and there is a clone button belo

...

Resolved! PBF Interface Choices

I want to set up a policy-based forwarding rule to send all traffic from a particular Source IP out through port ethernet1/8. I can't figure out how to get "1/8" in my list of interface choices. All I have to choose from is vlan, loopback and tunne

...

wildfire and security policy - problem

I have enabled wilfdire protection on polisy for NAT (also antyvirus/antyspyware/Volnerability).

From time totime I get email with information that someone from my network downloaded some files infected ie. by malware.

Until now I think that this file

...

Blocking a site hosted malware

A new "parked domain" company and come to surface, and they seem to own a LOT of domain names, none of which brightcloud has correctly classified as "parked domain". The server in question is hosting a piece of malware called seedabutor.b. Our AV i

...

Resolved! Virus install high CPU on Active, not standby?

Hi.

Configuration : 2 x PA2020, Active/passive, running 4.1.11, trying to install AV release 957-1328

I noticed today while pushing a virus definition update that the active node in my active/standby takes an absolute age to install/update, with the ma

...

Resolved! Can I get all managed devices to show in Panorama Maps?

Do anyone out there know if it is possible to display all managed devices in Panorama in either the Threat or Traffic Maps?

We have branch firewalls in locations all over the country and it would be nice to see which were getting hit with more traffic

...

test security-policy-match

Hi

Somebody help me write command test security-policy-match....... which WORKS and search that rule:

VIP-TEST {

from zone-v586;

source any;

source-region any;

to zone-v8;

destination 192.168.81.81;

destin

...

Resolved! PAN-OS Upgrade with HA

Has anyone found a really good tech note that goes over performing a PAN-OS upgrade on an HA pair? Both Active-Passive and Active-Active?

Resolved! Mgmt Plane Always high CPU

I have a PAN fw at a client site that always has the mgmt plane cpu at 100%. The data plane CPU barely ever goes above 10%. Is there an easy way to troubleshoot the cause of this or what is taking up so much CPU usage?

Has anyone taken a look at panug.com ?

I stumbled across a site that I think aims to be similar to https://www.cpug.org - sort of the community's independent forum where discussions about Palo Alto can take place. Kind of a neat idea, but I'm not sure how much community momentum it has.

Ch

...