General Topics

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! unknown command during SSH script

by testing a ssh skript i get an "unknown command" error from the CLI

user@host:~/> cat reset.sh 
ssh -t -t fw.domain.de << EOF
set cli pager off
show user ip-user-mapping all type CP
debug user-id reset captive-portal ip-address 1.2.3.4 
quit
EOF

...

Resolved! Running Security LifeCycle Review SLR for a NGFW

Hi All,

I have access to the PA HUB and want to run a SLR review for a client's NGFW (i have a statsdump file)

however it is asking me to activate this service and requires a cortex data lake instance of which i don't have one, is this still doable?

...

Certificates not appearing in XML running configuration

Dear colleagues,

I am having trouble with the custom Nagios plugin check_paloalto, specifically with the "certificates" check.

The rest of the checks are working fine.

Basically, the "certificates" check leverages the API calls and parse the XML

...

Resolved! Panorama M-100 is not showing in my customer support portal software list.

Hi everyone,

I'm trying to download the software for Panorama M-100 software from the Paloalto customer support portal but it's not in the list.

appreciate if anyone can help me why M-100 is disappear from the software list ? Is base on users Id lev

...

Resolved! Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network

Recently Microsoft launched the new AI powered Bing search engine with the integration of chatGPT and Edge browser. There is some issue with the Prisma Access and chatGPT and users are unable to access it from the RN and as well as from the Prisma Ac

...

Resolved! Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSP

...

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

1. Issue: PBF does not operate normally when the public IP received from the line is a dynamic IP

2. Measures
- If the circuit IP is a static IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting
- If the line IP is a d

...

Understanding URL Filtering security profiles vs Rule Action

Hi!
I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this.

Let's say I have a security rule:

Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=A

...

Resolved! IKEv2 tunnel does not restore after HA failover

I have an IKEv2 IPSec tunnel that does not automatically restore after an HA failover. Once the IKE-SA and IPSec-SA is manually cleared, the tunnel eventually restores. I have other IKEv2 tunnels that restore after several minutes with no interventio

...

Cortex XDR: How to block execution of some unwanted apps

Hello All,

We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files.

Thanks in

...

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address. Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email.

Is there a way to turn that of

...

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error:

"email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid reference
email-scheduler -> Possi

...

Device Control Violations

how to download Device Control Violations data from the cortex

Resolved! Qualys scanner blocked

Hi,

We recently deployed Palo Alto and I notice that its blocking qualys scan on my internal network for the traffic passing through the Palo Alto vwire. How can allow all qualys traffic to pass through the Palo Alto?

Enable Device Telemetry with error message : Send File to CDL Receiver Failed

Hello,

I have PA VM100 with PAN OS 10.2.2. Enabling Telemetry and setting up the Telemetry Region as Americas. The status for Device, Product and Threat is always "Failed" with message "Send file to CDL Receiver Failed"

Any advise, suggestion or h

...

Discussions

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! unknown command during SSH script

Resolved! Running Security LifeCycle Review SLR for a NGFW

Certificates not appearing in XML running configuration

Resolved! Panorama M-100 is not showing in my customer support portal software list.

Resolved! Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network

Resolved! Best practice for Active/Passive HA and OSPF

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

Understanding URL Filtering security profiles vs Rule Action

Resolved! IKEv2 tunnel does not restore after HA failover

Cortex XDR: How to block execution of some unwanted apps

When logging into the community can I turn off the email a code?

Day 1 Configuration of PAN-410 model firewall

Device Control Violations

Resolved! Qualys scanner blocked

Enable Device Telemetry with error message : Send File to CDL Receiver Failed

Palo Alto Software Visio files

SIP traffic being dropped in drop.pcap without log on PAN OS ver 10.2.4-h10

Renewal of license

Artificial Intelligence

Tags for Managed Devices vs. Object Tags

Re: Clarification on App Rule - I thought I understood this

Re: PANdora's Box

Re: Recommended PAN-OS version

Re: Recommended PAN-OS version

Re: New periodic alert: Configuration size 19MB is above 80% of the maximum recommended configuration size 23MB for the platform.

Unlock your full community experience!

Rules and Best Practices

Resolved! unknown command during SSH script

Resolved! Running Security LifeCycle Review SLR for a NGFW

Resolved! Panorama M-100 is not showing in my customer support portal software list.

Resolved! Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network

Resolved! Best practice for Active/Passive HA and OSPF

Resolved! IKEv2 tunnel does not restore after HA failover

Resolved! Qualys scanner blocked