This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4441 Views
  • 0 replies
  • 0 Likes

VPN Site-to-Site Private IP and Public IP

VPN Site-to-Site Private IP and Public IPGood afternoon everyone, is it possible to set up a Site-to-Site VPN between a site with a Palo Alto Private IP and a Palo Alto Public IP.Site Privado: PaloAlto---IpWan-192.168.1.254---Router/Modem--------Internet-------Site Publico:IPWan:190.100.100.200Thank you very much for your help and support, I rem...

Metgatz by L4 Transporter
  • 8819 Views
  • 7 replies
  • 0 Likes

SD-WAN Hub and Branch PANOS versions

Is there a requirement for PANOS version to match for SD-WAN or for the Hub site to be of a higher version of PANOS. Example: Hub is on version 10.2.4, Branch is on 10.2.6 Would there be any issue with this?

teaton by L0 Member
  • 1115 Views
  • 1 replies
  • 0 Likes

GP stops working when ecmp is enabled

We have Palo Alto firewall with three Internet links. One is a leased line and other two are ADSL links. I have configured ECMP on the two ADSL lines to load balance traffic on the two ADSL links. Global Protect is configured on the leased line. I have configured default route to all the three internet links in the firewall. I have configured th...

Dijesh by L1 Bithead
  • 5191 Views
  • 11 replies
  • 0 Likes

Resolved! Received Suspicious alerts "-- MARK --"

We are receiving suspicious alert from Palo Alto firewall on syslog server. how to stop receive these alerts. <46>Oct 24 05:50:14 PA-3020 -- MARK --<46>Oct 24 06:10:14 PA-3020 -- MARK --<46>Oct 24 06:50:14 PA-3020 -- MARK –

Karthi_N by L1 Bithead
  • 2501 Views
  • 2 replies
  • 0 Likes

Resolved! Self-Signed Certificate Issues

Hello everyone, I am trying to make a self-signed cert for use with Global-Protect in my lab. I go into Device, Certificates, Generate, give the cert a name, Root_GP_Cert, common name of 192.168.189.155 which is the WAN side IP Address. Click the Certificate Authority box and click ok. Then I click on Generate again, this time I use a differen...

GWynn by L3 Networker
  • 8368 Views
  • 2 replies
  • 0 Likes

Stateful Session rely on interface or Zone

Hi There, Currently, I'm testing redundancy for vWire pair. I have replicated the existing vWire and sub-interface configuration to another couple of interfaces. Now both the vWire pairs have identical configurations including the zone. I anticipated the stateful session to fail when the traffic switched from one vWire pair to another. But whe...

Feature suggestion: better candidate configuration highlighting and testing

These are some suggestions that would help a lot when creating new rules: 1. Highlight modified uncommited policies. You may argue that a user should know what the is chaning, but the problem is multiuser. When a user has a candidate rule, but hasn't applied it, other users cannot tell which rules have been modified. 2. Allow testing of ...

URL Filtering

Good dayI am sure this question is answered somewhere but I somehow cannot locate it, so please be patient as I go through the problem we experience.Our company's US URL is listed as High-Risk when testing it through the URL Filtering website even though we provide a legitimate service and product across the world. I did change the category in h...

Restoring Palo Alto from AWS snapshot - interfaces etc

Apologies if this is a basic question but first time I do this maybe in a real production environment and I have no prior experience. Does anyone have an example of restoring Palo Alto in AWS (from a snapshot)? Where could things go wrong in the restore process for example interface issues. If anyone has experience please let me know.

ChatGPT Access

Hi Team, Users are trying to access ChatGPT and getting error, but we have allowed teh ChatGPT APP-ID and still the same. Not even seeing any error at all. What is the best way to fix it? Regards, Sanjay S

NAT traffic from DMZ to another zone

Hallo Everyone, I am using PA-220 let’s call PaloAlto-Firewall “X” Office Firewall “Y” Other firewall “Z” Firewall X has 8 Interfaces. Interface 1/1: has the IP-Addressee 192.168.5.254. we assigned this Interface to a Zone Called "DMZ". When this firewall and this Interfaces want to communicate with our office Network it send the traffic to fire...

MRahaman by L0 Member
  • 2132 Views
  • 1 replies
  • 0 Likes

Resolved! Broken email notifications formatting in version 11.0.1

Hi all I noticed that email notifications in ver 11.0.1 are kind of broken from the formatting point if view they just look like a blob of text, instead of a decent formatted email in ver 10.2.4 is there a way to fix it? Thank you

broken_email_notifications.png
nevolex by L3 Networker
  • 22647 Views
  • 26 replies
  • 3 Likes

URL category block triggers not logging in Panorama

Hi, I am testing global protect using Prisma Access - Panorama managed.. On panoroma - i have a mobile user security rule applied with a custom URL filtering profile enabled where I have set the action to block for some of the newer URL categories introduced by PAN in recent times.. ie 'ransomware', 'scanning-activity' and 'command and control'....

PA_nts by L4 Transporter
  • 978 Views
  • 1 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks