General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Is PAN OS buggy?

If I only had my personal experience and the amount of chatter on the support forum, I'd say that the PAN OS is buggy. Is there more comprehensive information available on bugs in the various releases, like Cisco's Bug Toolkit? I'd like to make mor

...

User-ID-Agent Traffic

We have user-id-agents on ou core DC's and all our local DC's (across the WAN). We receive reports with high SMB traffic polling from the core DC -> local DC. Anyway to eliminate or reduce?

Resolved! Update application v 339

Hello,

Since I have updated my active/passive cluster with latest Application and threat content (version 339, released yesterday), some ssl traffic is now recognized as "tor" application.

This traffic is only ssl, not tor.

Is someone else have this pro

...

Performance with Spirent

Hi All,

Test with PA 5020, with PAN OS 4.0.11 with tcp reject non syn disable

Traffic generate from 50k IP Source and 1 IP Destination

Can anyone give explain about why in small packet (64 bytes) test in Spirent, there is no result ?

Or someone already t

...

Resolved! SMTP Authentication for Reports, Alerts, etc.

Hello,

I'm trying to setup my PA-500 (running PAN-OS 5.0.0) to e-mail me reports and alerts. But, there are no options for SMTP authentication, which our mail server requires us to use. Am I missing the options somewhere, or is this feature not buil

...

Resolved! unauthorized application goes to specific rule

Hello,

I have defined a rule that allow pings (using the "ping" application). However there are a lots of other applications that flows through this rule, even "web-browsing" !!!

How is this possible ?

Regards,

Laurent

Firefox Error ssl_error_rx_unexpected_new_session_ticket

Hi,

after PA-500 upgrade (from 4.1.7 to 4.1.9) I solved SSL problem with Chrome but now I have a problem with firefox opening SSL pages (when they was decrypted by the firewall).

For example opening https://www.google.com I receive this error:

"SSL ha r

...

Resolved! Application Blocking page for HTTPS traffic through Web Proxy

Hello,

I experienced an issue with 'application blocking page' for https traffic through web proxy.

The firewall is configured to decrypt the HTTPS traffic.

Layout : Client -- Palo Alto FW -- Web proxy (Squid)

If the traffic (https session like https://w

...

Resolved! LDAP authentication not matching user groups

Hi.

I've got LDAP authentication configured to allow users into a Global protect portal. I'm 100% sure it works OK, because I can authenticate against it.

Trouble is, I *can't* get it to authenticate against an Active Directory group. if I add individu

...

Resolved! Using wildcard cert

Being smart we thought it best to use a wildcard cert as we were going to be setting up about a half dozen SSL certs and various domains, that seem to be ever expanding.

One place we wish to use is on our PAN device for VPN access.

but as i go to impor

...

issue with uturn nat, please help!

Hi All

I have a u turn nat rule and security policy in place that has been working fine to allow internal access to the external url of our exchange owa and now it has stopped working - nothing has changed on the firewalls or on the exchange system th

...

no fpga memory for dfa

Hi all,

I get some warning message as below, is there anybody meeting such messages?

What does it mean?

Nov 08 15:08:57 Warning: pan_fpga_alloc_dfa_partition(pan_fpga_handler.c:909): no fpga memory for dfa, subtype 2 size 180

Nov 08 15:08:57 Warning: pan

...

C

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Is PAN OS buggy?

User-ID-Agent Traffic

Resolved! Update application v 339

Performance with Spirent

Resolved! SMTP Authentication for Reports, Alerts, etc.

Resolved! unauthorized application goes to specific rule

Firefox Error ssl_error_rx_unexpected_new_session_ticket

Resolved! Application Blocking page for HTTPS traffic through Web Proxy

Resolved! LDAP authentication not matching user groups

Resolved! Using wildcard cert

issue with uturn nat, please help!

no fpga memory for dfa

Blocking Downloads - Real World Examples?

Ipad detection

Clearing URL Continue Timeout

CLI - Basic to Advance PAN-OS 11.1

log forwarding to syslog | drops and queue

Combining IP and URL EDL on Rules

Manufacturing Number on a SPF LX module

Better solution for remote access

Re: flow_tcp_non_syn_drop - packet capture on this counter?

UserID periodic empty groups issue

Re: CLI - Basic to Advance PAN-OS 11.1

Re: SAML Authentication Profile not popuating IdP Server Profiles

Re: Upgrade PAN OS from 10.1 to 11.1

Unlock your full community experience!

Resolved! Update application v 339

Resolved! SMTP Authentication for Reports, Alerts, etc.

Resolved! unauthorized application goes to specific rule

Resolved! Application Blocking page for HTTPS traffic through Web Proxy

Resolved! LDAP authentication not matching user groups

Resolved! Using wildcard cert