General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Are PA-devices affected by the packets of death?

For more information see Not Just AstLinux Stuff: Packets of Death and http://www.kriskinc.com/intel-pod

http://sourceforge.net/p/e1000/bugs/119/?page=3 might be related aswell.

In short, a magic combo in packets will make the nic go completely offline

...

What possible reason cause MP CPU higher after integrate with Panorama

Hello,

As this article's title, I setup a Panorama to collect the logs from a PA-2050.

But, when I complete the integration between Panorama and PA-2050, the CPU percentage of Management Plane become higher.

Before the integration, the MP CPU is lower

...

File "Block" page showing when file "Block and Continue" set

I have an issue where I have set a 'Continue' action in a file download profile, but the file Block page is being shown instead.

There is a article on here saying to reset the relevant Response Page setting, but that does not work as the page being sh

...

Block-ip action for blocking brute force ssh doesn't seem to be working

We've been noticing that we are getting quite a bit of brute force ssh attempts on our system, so we decided tonight to put in a rule that blocks those attempts. I took one of our existing policies that just logs everything, and added an exception th

...

PA200 with DSL (Dynamic DHCP Client) causing slow web browsing and "incomplete" application in traffic monitor

Ever since I put my PA200 inline at my house, my internet has been running really slow.

In troubleshooting, I learned about the "More Runtime Stats" link in the virtual router. I needed this info to determine what traffic should be considered "intere

...

Running a custom report from the command line

Hi,

Is it possible to run a previously defined custom report from the command line?

br

mario;

Resolved! there is a way to log with alert when using a cat in TAB "Url Category"?

Hi,

All my URL profil is config with ALERT instead of allow. So i log any URL block or accept.

But the problem is im not able to ALERT if i unblock or block a category under policies TAB name "URL Category".

I have no choice, my rules are set in this w

...

Resolved! How do I block all URL traffic but a select few?

This question has been asked in a couple of different ways without a definitive answer that I can find.

My challenge is that we have an external engagement space where designers (internal and external) collaborate on projects. Users thin client into t

...

Resolved! Display 'Last logged in' info on user's logon screen

Hi,

Is it possible to display the timestamp of the last login on the logon screen (both in captive portal and at the globalconnect remote client)?

I think this is a nice assurance for the user to actually check that noone has used his account since his

...

HA Primary

Why is it when I have a HA pair with an identical link failure on both devices (same monitors configured), the device with the higher 'device priority' value (least preferred) becomes the Primary device?

When a pair of devices has the same failure the

...

Palo Alto start up queries

Hi everyone,

Just have some queries on Palo Alto firewalls posting some questions. Help on these is much appreciated.

what does the following command do

> show neighbour all

Does this function like Cisco discovery protocol to identify the peer CISC

...

Resolved! Syslog - What IP is Sourced in Syslog?

PA500 and syslog? What IP (or interface) is sourced from the PA to a syslog server? Is it a management interface? If you have multiple assigned management interfaces, which one?

Thanks.

Resolved! SSO Requirements

As with most things GlobalProtect I am having issues with a customer and am finding it difficult to find out why.

I guess the first question is do you need to use client certificates in order to use SSO with global protect?

The issue the customer has i

...

Resolved! unauthenticated users

Is there a simple way to prevent unauthenticated users from accessing the internet from the inside?

It is my understanding that you cannot negate AD Groups? True?

I was hoping to create a policy like this that would deny any unauthenticated users from

...

Does anyone know "flow_fwd_zonechange" and "Packet routed to different zone"???

Hello All.

I use PA-5050 , PANOS-4.0.9 , 10G Interfaces

DMZ zone has FTP Server. It work for file download service to Internet.

FTP data traffics are very slow (about 50KByte/s).

But the device is working "commit" that FTP data traffics are fast(about 10

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Are PA-devices affected by the packets of death?

What possible reason cause MP CPU higher after integrate with Panorama

File "Block" page showing when file "Block and Continue" set

Block-ip action for blocking brute force ssh doesn't seem to be working

PA200 with DSL (Dynamic DHCP Client) causing slow web browsing and "incomplete" application in traffic monitor

Running a custom report from the command line

Resolved! there is a way to log with alert when using a cat in TAB "Url Category"?

Resolved! How do I block all URL traffic but a select few?

Resolved! Display 'Last logged in' info on user's logon screen

HA Primary

Palo Alto start up queries

Resolved! Syslog - What IP is Sourced in Syslog?

Resolved! SSO Requirements

Resolved! unauthenticated users

Does anyone know "flow_fwd_zonechange" and "Packet routed to different zone"???

CLI - Basic to Advance PAN-OS 11.1

log forwarding to syslog | drops and queue

Combining IP and URL EDL on Rules

Manufacturing Number on a SPF LX module

Better solution for remote access

Re: flow_tcp_non_syn_drop - packet capture on this counter?

UserID periodic empty groups issue

Re: CLI - Basic to Advance PAN-OS 11.1

Re: SAML Authentication Profile not popuating IdP Server Profiles

Re: Upgrade PAN OS from 10.1 to 11.1

Unlock your full community experience!

Resolved! Are PA-devices affected by the packets of death?

Resolved! there is a way to log with alert when using a cat in TAB "Url Category"?

Resolved! How do I block all URL traffic but a select few?

Resolved! Display 'Last logged in' info on user's logon screen

Resolved! Syslog - What IP is Sourced in Syslog?

Resolved! SSO Requirements

Resolved! unauthenticated users