General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! USER-ID mapping by firewall

Hi All,

Consider there is an user (xyz@example.com) is accessing some network for which communication is allowed in firewall based on USER-ID rules.

If the User(xyz@example.com) at the same times access the allowed sites by using two different IP

...

SNMP Counter issue

Hello everyone

I am having a problem with SNMP requests on my palo-alto.

My issue is the following

I don't see any traffic on the physical interfaces of the palo alto, the traffic remains at 0

I can clearly see the traffic on the virtual interface (V

...

Panorama config export fail. Host key verification fails

When I try and configure a scheduled config export the connection fails. I get a message the RSA host key differs and asked to confirm adding the key. This is a loop and always asks to add the key. If I try to remove all the known host keys the co

...

Resolved! panos 10.2.4 palo alto no grpc connection available under iot policy recommendation

hi all,

every time I click on device->policy recommendation - Iot i get an error

"no grpc connection available"

what does this error mean

Thank you

comments in cli

Hi

I have a text file with PANOS command line arguments (set) what character defines a comment line ?

is there one ?

Resolved! PA is connected to a router

Hi PA(non-management interface) is connected to a router via a cable . What is minimus condition for the two device to ping each other?

1. ip address in interface are in same subnet,

2. interface associated with management profile to allow ping

3.

...

Resolved! CLI configuration of adding interface to virtual router

Hi,

When add a interface into virtual router using cli, do I need to copied all the interfaces in the virtual router currently, then add this new interface into the list?

For example, current default virtual router has two interface ethernet1/1 and

...

Encrypted-DNS False Positive Heads Up

Presently 20230406.20033 and earlier updates are presenting a large number of false positive categorizations for encrypted-dns. This includes several domains from Bitwarden, YouTube, Google, Microsoft, Spotify, and many many others. If you have encry

...

Resolved! L2 Over L3 with VXLAN protocol

Hello,

Is it possible to configure a VXLAN tunnel on a Palo Alto 3220 (running PANOS 10.2.3)? I.e. is L2 over L3 tunneling using VXLAN protocol possible? If so, is there an example configuration you can point me to?

Thanks!

blocking apps on google chromecast

Hello,

Looking to block apps on a new Google Chromecast all apps would be great but haven't been able to block AppleTV, HBOMax and ESPN. I've put appletvplus and hbo into our blocked apps rule but they still open and able to be accessed.

Any one

...

Where to download update for PA-2050 for learning purposes.

I have been given a PA-2050 to play with, and get my hands dirty, learning PAN, etc.

Where do I go find the latest supported image for it? https://support.paloaltonetworks.com/Updates/SoftwareUpdates/ doesn't have the PA-2000 series listed. It has

...

Re: Welcome to LIVEcommunity! Start Here.

Olá @Marcos1991

Algo que pode testar é a liberação de portas de VPN udp, já precisei em algum momento utilizar-se disto.

https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/firewall-administration/reference-port-number-usage/ports-used-for-ips

...

showing error "Last Fetched MessageFailed to renew device certificate. Invalid request. Authentication failed" renue option not available .

any solution, please help me

Thanks ,

#PA-410

Discussions