This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4441 Views
  • 0 replies
  • 0 Likes

Commit error After PANOS10.1.10 upgrade

After upgrading from PANOS 10.1.8-h2 to 10.1.10 we start getting the following commit error. profiles -> spyware -> sink-alert -> botnet-domains -> dns-security-categories is invalid. Missing pre-defined DNS security category Any idea to correct this error?

Lance by L2 Linker
  • 13522 Views
  • 10 replies
  • 0 Likes

Resolved! Acting on Vulnerability threats

When the Threat log shows a vulnerability, is this an actual attack of this vulnerability or is this something that is using software that has this vulnerability?Trying to determine when to act on the vulnerability (i.e. block).If a critical level vunerability is an actual attack then it would be no brainer to just block it but if the vulnerabil...

merrydc by L1 Bithead
  • 13468 Views
  • 15 replies
  • 0 Likes

Resolved! Global Protect VPN Device Certificates Expired

Hi Guys, I'm the first time to renew our GP VPN device certificates. But my certificates just expired today. And I checked our old device certificates, it doesn't have the "CA".When I renew it, do I need to import certificates ".pem" file or "pkcs12"? I don't want to change any current VPN configuration.I have totally no idea how to do it. Thank...

Pan-Os Image for educational purpose

Hello, I'm working on a graduation project about the Next Generation Firewall and would like to use the Pan-OS images. I registered on the Customer Support Portal but received an error and couldn't continue. It seems it won't be possible to download Pan-OS images if I'm not a customer but a student. Is this possible or do you have any free Pan-O...

wiler121 by L0 Member
  • 14896 Views
  • 4 replies
  • 1 Likes

Having problems with TCP port allowance

Good morning/afternoon/night to everyone.I'm using for the first time Palo Alto Firewall and I'm having some troubles allowing TCP port 2245. At the moment I have this NAT Rules: and I have this Security Rules: PS: note that I also have some rules for TCP/UDP ports related to WHM and cPanel.Can someone tell me if I'm doing something wron...

Captura de ecrã 2024-03-12, às 23.13.36.png
Captura de ecrã 2024-03-12, às 23.14.26.png
Captura de ecrã 2024-03-12, às 23.15.36.png
Captura de ecrã 2024-03-12, às 23.17.58.png

Resolved! Setting up Site to site VPN when one side has a dynamic IP

Hi ,You can use the Easy VPN setup in Cisco ASA to create a site to site VPN from a remote site that does not have a static IP address associated with it. Is it possible to do the same when the Main Office device is a Palo Alto firewall ? The remote office device will be a Cisco ASA configured to initiate a IPSEC connection to the corporate Palo...

Multicast Dropping First Few Seconds of Stream

We have multicast set up between two zones, and are able to send messages from our Informacast system to our Algo speakers. However we are noticing that for every page or bell that we send from informacast, the first three seconds are cut off. Is there a way to correct this?

Resolved! How to verify WAF IDS & IPS configuration in Palo-alto firewall?

Dear Friends, We have a customer who is performing Network related technical assessment He wants to know the below details from us 1)WAF>>Screenshot showing WAF deployed and enabled 2)IDS&IPS >>Screenshot showing IDS/IPS enabled 3)Screenshot showing M365, firewall, and proxy server logs being collected How to verify WAF ID...

user unable to connect to Global protect when they are on Mobile hotspot

Hi, User is on GP 6.2.1, they can connect to GP fine when they are on their home wifi, but as soon as they try to connect using their mobile hotspot, GP can not connect, we checked the PANGPs.log file and this is we found when on 6.2.1: HipMissingPatchThread: now is 1710422673, last hip check is 1710422672, hip check interval is 3600000 P4...

blocking ZOOM file sharing

Hello, I need to block zoom file sharing in my company. there are applications signatures for zoom-uploading and downloading but they are not working properly.all trafic are going in zoom-base and not blocking file transfers. if i block zoom-base meetings will be blocked too. what can i do to block file transfers ?

Taslica by L1 Bithead
  • 10374 Views
  • 6 replies
  • 0 Likes

Additional PAN-OS Certificate Expirations Questions

As of today 3/14/2024, it seems most of us are going to be on app version 8822-8637-higher, I'm wondering if this fulfills the request for Option 1 for the Additional PAN-OS Certificate expatriations and we just have to reboot the firewalls? Is there any way to check after the reboot if we will be fine before 04/07/24?

Group Mapping Nesting LDAP Filters

Hello I am trying to achieve the following:I would like to limit the groups the firewalls need to cache.Therefore I would like to filter only to search below certain OUs in AD. As I learned this is not possible via LDAP Searchfilter with wildcards or sth. Therefore I set up multiple LDAP Server Profiles where the Base DN matches the entry-OUs wh...

PAN-PA-445

Hello, I need hlep regarding ECCN for PA-445. Could you please help me with this request? Thank you. Best regards,

smacura by L1 Bithead
  • 1500 Views
  • 2 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks