This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Resolved! Migrate model FW to virtualwith panorama for policies (recommended procedure)

Hi, We have to migrate a standalone PA-820 to a cluster VM500. The config will be the same except few interface changes. Only security policies are deployed from panorama (not template). So what is recommended way to do It? Which option is better:1) export existing device state fw to the VM FW?2) export/import just the running config. Do som...

BigPalo by L4 Transporter
  • 840 Views
  • 1 replies
  • 0 Likes

Resolved! Combining IP and URL EDL on Rules

Hello, We're adding the Microsoft 365 EDLs from here: EDL Hosting Service. The goal is to allow access to all M365 IPs and URLs outbound. What's best practice if I have two separate EDLs, one for IPs and one for URLs? I see that IP-based EDLs can be used in the Destination portion of the rule, and URLs appear to be only selectable in the ...

Resolved! Changes to sinkhole?

Starting early yesterday we began seeing a lot of activity from a subset of iPhones on our network getting mask.icloud.com caught by sinkhole.paloaltonetworks.comWe've been unable to find any commonalities between the devices. Wondering if anyone has been seeing anything similar or if this is a known issue?

M.Crow by L1 Bithead
  • 1178 Views
  • 1 replies
  • 0 Likes

Resolved! SCM Compatibility

Hello Everyone! I am looking for insight on the possibility of bringing PA-220s and PA-220Rs into SCM Pro for visibility and configuration. My research has led to conflicting results: Strata Cloud Manager Prerequisites indicates that the Advanced Routing Engine (ARE) is a requirement for onboarding a device into SCM. Advanced Routing sta...

nohash4u by L3 Networker
  • 1992 Views
  • 2 replies
  • 0 Likes

Threat Protection Coverage for LockBit 5.0

Hi All, We like to have clarification regarding the current threat protection capabilities of Palo Alto Networks firewalls against LockBit 5.0 ransomware, which has been reported as a newly emerging variant around September 2025. Upon reviewing the ThreatVault database, we found several existing threat signatures related to LockBit (e.g., Troj...

Global Protect 1.2.2-14 winhttpObj, error! ipaddress

Hi,I keep getting this error when trying to connect with global protect, this pc is on the internal network. I should get the massage 'Connected Internal'...any ideas. I have included the log below and highlighted the line.(T3776) 04/24/13 09:46:14:861 Info (2249): winhttpObj, HandleHttpsRequest, cmdStr = (T3776) 04/24/13 09:46:14:861 Info (2268...

Resolved! Identifying Preferred/Recommended PAN-OS Versions

I recently upgraded 2 locations of 3420s and 3410s to 10.2.10h4 from 10.2.7h8 and it looks like Palo Alto has included a feature that will identify the "preferred" software versions. This is a pretty neat feature native in the GUI which will help admins quickly identify the current preferred releases.As always admins should do their due dil...

Brandon_Wertz_0-1725895914916.png

Twsitlock licence for Docker Vulnerability scan

Hi All, I am interested in using Twistlock to scan my containers for vulnerabilities. Could you please advise on the quickest way to get started, where to download it, and what software needs to be purchased? Is Twistlock available on any cloud platforms like AWS, Azure, or GCP for fast deployment? Any information would be appreciated. T...

Resolved! About FIN/RST Packets

Hi Experts, I was unable to find detailed information in the manufacturer's documentation or knowledge base, so please advise. ・If a communication is permitted by the firewall's security policy, is it possible for the firewall to send FIN or RST packets to that communication (client or server)?・Does the firewall ever send FIN or RST packets ...

woody249 by L4 Transporter
  • 1266 Views
  • 2 replies
  • 0 Likes

Enterprise firewalls need to be opened for new Redirector IP addresses on ports 443/TCP and 3851/UDP

Is it possible to do a screen view using something like Teams to update our firewall with the following reminder that was sent to me " Dear Customer, We are reaching out to inform you that new Redirector IP addresses will be added to the existing Redirector IP addresses list starting 15th December 2025. We advise customers to add the new IP ad...

Applying QOS bandwidth restriction

Hi, I would like to understand if my FW is capable of the below using QOS: - I am using PA-1410 in HA pair - I have 1 ISP internet link with 50Mbps bandwidth connected to eth1/1 - I have a requirement to create a guest network using the same ISP link and assign 10Mbps out of 50Mbps. So. using the same outside interface (eth1/1) I want to res...

Ahmed_94 by L1 Bithead
  • 1653 Views
  • 5 replies
  • 0 Likes

Is it possible to configure a custom report into graph or chart format, similar to the options available for predefined reports?

We have configured a custom report for Interface Bandwidth and scheduled it for daily email delivery. However, we are not receiving the reports via email or seeing them triggered. The SMTP configuration test is successful, and we are not able view the reports under Monitor > Reports. Whenever we try to pull the report manually from the cus...

Seeking Preparation Support for the SSE-Engineer Exam

I am planning to take the Palo Alto Networks SSE-Engineer exam and I am looking for some guidance on how to prepare effectively. If anyone has suggestions on study materials, practice test, or important topics I should focus on, I would appreciate your response on it.

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks