This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4436 Views
  • 0 replies
  • 0 Likes

Resolved! Best way of doing user-ID mapping? WMI, Winrm-http? There is also Kerberos and NTLM?

Hi, new to PA here. We just got the firewall and I'm trying to figure out what is the best way to set up User-ID mapping. I don't want to install any agents on the domain controllers and the goal is users can access Internet as long as they log into their computers with their Windows credentials, no other login required. From the User-ID screen,...

Certain TCP traffic not showing at the Azure Palo firewalls.

Certain TCP traffic not showing at the Azure Palo firewalls. There are tcp traffic from on-prem to Azure test subnet vm. The connection path is as below: on-prem user laptop -> onprem palo fw -> express route ->Azure Palo fw -> test vm. There is no NSG on any of the interfaces at Azure side. The RDP traffic from the on-prem user lapt...

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity! Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting-edge techniques, and real-world case studies. In each episode, you'll hear engaging discussions—...

jforsythe by Community Team Member
  • 1452 Views
  • 0 replies
  • 0 Likes

Issue: New Palo Altos crashing domain controller with migrated config

Morning all!Have an odd one for y'all that has defeated us so far. We are currently attempting to side-grade from PA-5250s to new PA-3440s but have experienced a showstopper twice that caused us to revert back to the PA-5250sIssue: New Palo Alto firewalls (seemingly) crash domain controllers once load hits the network (KB5035849 is uninstalled f...

Resolved! Firewall OSPF Area configuration - range or interface specification - Area 0.0.0.0 general questions...

Configuring an area 0.0.0.0 on PAN firewall (10.2 and higher). 1. Does PAN attribute 0.0.0.0 to area 0? Is that the only way to define area 0? or other options? 2. Area IP range: in cisco world, the range command implies that all connected interfaces on the router, which fall within the range, get include as LSA's in the area and start commu...

anon4all by L2 Linker
  • 3761 Views
  • 2 replies
  • 0 Likes

Connect Before Logon + Enforce GlobalProtect for Network Access + Captive portal

Hi all, we are enforcing to our devices an always on company connection, without vpn our users cannot login to their windows desktop (no local password cache), so we have implemented "Connect Before Logon" + "Enforce GlobalProtect for Network Access" but we have problems with captive portals. Is the captive portal detection working also in the p...

Resolved! Log forwarding profile in all security policies

Is there any other way to configure Log forwarding profile in all 300+ security policies in single shot. currently there is no log forwarding profile in all 300+ policies. So below method is not applicable: Not through web interface but you can export config out.It is one single xml file. Device > Setup > Operations > Export configurat...

Panorama Software Deployment Options Missing

I have a virtual Panorama running 11.0.3-h3 and I'm trying to deploy software to PA-450s. The only option I have is to reboot device after install. I don't see an option to upload the software only without an install and reboot. Is there supposed to be?

LLDP Unsupported / Unkown TLV types

Hey Community! I have my PA5200 series attached to Cisco ACI switches and it seems that some of the LLDP TLV options that the Cisco switches advertise - are either not understood/not supported on the Palo. Is there a way I can supress the log output from displaying in the monitor tab/dashboard as it just fills the dashboard all the time: This is...

mcnairi by L1 Bithead
  • 4417 Views
  • 2 replies
  • 1 Likes

Resolved! Palo Alto Events in 2025

Hi All, Where can I find information on Palo Alto hosted events in 2025? Doesnt seem much is going on. Thank you.

roma by L2 Linker
  • 6983 Views
  • 1 replies
  • 0 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks