General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! How to filter traffic log by non-empty user

Hello

How to filter traffic log by non-empty user name in Source User field?.

I have Captive Portal for uers, but some exeptions for printers and other stuff that isn't able to logon. Id like to filter traffic and get only traffic that isn't authentica

...

Resolved! How can I verify what traps my palo alto sends?

How can I verify what traps my palo alto sends?

I need to know some command or some method to know what snmp traps are being sent from my FW

Resolved! Can Panorama M-200 support PA-5410

I'm upgrading to PA-5410 and I can't find the documentation showing if the M-200 supports this device. Is there a link that shows what PA devices are managed by each Panorama device? I've looked everywhere online and can't find anything.

Resolved! Simple IPsec tunnel interfaces not passing MAC address

Good afternoon,

I've got a simple site to site IPsec tunnel in non production that I'm having a problem with. Currently I have the mgmt interface up. I also have my trust/untrust interfaces connected to a Cisco switch on the appropriate VLAN's fo

...

"Warning! authentication for output feeds is disabled", again

Hi Team,

we installed Minemeld a few days ago and we are fighting with the old issue "Warning! authentication for output feeds is disabled".

Our MineMeld instance runs as a docker Installation on Ubuntu 16.04 LTS. Installation was done with the

...

Blocking ChatGTP

Hi Guys,

@BPry

@kiwi

How do you go an blocking ChatGTP ? Seems like has not been defined in the list of apps yet (applipedia)

Thanks,

Pkarki

IPSec VPN Idle Timeout

Hi All, May i know what is the default ipsec vpn idle timeout in case we didnt configure the tunnel monitor for PA 820 ?

Resolved! security policy in monitor mode only

Hi,

This is a new Palo Alto deployment. We used to have Cisco FTD as IPS and now we are replacing with Palo Alto. We have 3 devices (router and SDWAN) that we configured using vwire so all traffic to the DC would pass through the Palo Alto inspec

...

API - Fetching URLs from Custom URL object

Hi all, we have a Custom URL category object, WL-URLS, which contains a number of URLs for a whitelist policy.

I am looking to find some information on how to go about retrieving the URLs from this object via the XML API. My preference is the XML A

...

365 tenant restrictions problem with office365-enterprise-access

Noticed that a few of our enterprise logins that were previously identified as "office365-enterprise-access" are now being identified as "ms-office365-base". I've found an article explaining some of the issues. I know that this was working flawles

...

GlobalProtect and multiple AAD tenants

Hello -

We've set up a GlobalProtect portal and gateway to connect third-party individuals to our VPN. We've configured it to use SAML for authentication, leveraging an Azure Active Directory Enterprise Application that we have configured per the M

...

Entries in User-ID table show info pushed from XMLAPI never timeout

Hi guys,

My customer previously used XMLAPI to push User-ID info to Palo Alto but they now have an Aruba Clearpass appliance which will be handling all User-ID information via Syslog.

Due to software issues they cannot currently use XMLAPI between Clea

...

Resolved! New Anti-Spyware Signatures, false positives?

Hello,

The latest application and threat content update this week added a couple of new anti-spyware signatures:

medium

86759

AndroxGh0st Scanning Traffic Detection

spyware

alert

medium

86760

AndroxGh0st Scanning Traffic Detection

spyware

...

Resolved! The machine on which Cortex XDR agent is installed is not showing the Windows key (Start Menu) option.

How solve this problem.

Resolved! Certificate based Site to Site VPN (IKEv2)

Hello Folks, I am trying to build a site to site vpn between a Palo Alto firewall running 8.1.7 and a Checkpoint firewall. Settings are configured to use IKEv2 only with certificate based authentication.

While the logs below are from lab setup, but t

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! How to filter traffic log by non-empty user

Resolved! How can I verify what traps my palo alto sends?

Resolved! Can Panorama M-200 support PA-5410

Resolved! Simple IPsec tunnel interfaces not passing MAC address

"Warning! authentication for output feeds is disabled", again

Blocking ChatGTP

IPSec VPN Idle Timeout

Resolved! security policy in monitor mode only

API - Fetching URLs from Custom URL object

365 tenant restrictions problem with office365-enterprise-access

GlobalProtect and multiple AAD tenants

Entries in User-ID table show info pushed from XMLAPI never timeout

Resolved! New Anti-Spyware Signatures, false positives?

Resolved! The machine on which Cortex XDR agent is installed is not showing the Windows key (Start Menu) option.

Resolved! Certificate based Site to Site VPN (IKEv2)

Upgrade from version 10.2.7-h8 to 10.2.11-h2

IPSec setup with certificate

UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Site flagged as GRAYWARE Please Help!!

HA State is "not sycned" even though Sync Task is completed on Peer (Passive) Gerät)

Re: User ID agent not starting.

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Re: Sofware Upgrade broken? "An active license is required for this feature"

Re: Cannot see Dynamic IP lists

Recommended PAN-OS version

Unlock your full community experience!

Resolved! How to filter traffic log by non-empty user

Resolved! How can I verify what traps my palo alto sends?

Resolved! Can Panorama M-200 support PA-5410

Resolved! Simple IPsec tunnel interfaces not passing MAC address

Resolved! security policy in monitor mode only

Resolved! New Anti-Spyware Signatures, false positives?

Resolved! The machine on which Cortex XDR agent is installed is not showing the Windows key (Start Menu) option.

Resolved! Certificate based Site to Site VPN (IKEv2)