This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4113 Views
  • 0 replies
  • 0 Likes

Resolved! URL Category/Category List block and allow behaviors

I'm having an interesting issue where I've set up block action on almost all of the URL categories on a specific filtering list, including the risk categories. I've allowed three specific categories such as education, computer and info, and training and tools. Looking at the logs, I'm still seeing blocks. What I've noticed is the main catego...

jsalmans by L4 Transporter
  • 14752 Views
  • 2 replies
  • 0 Likes

Resolved! SSL routines::unsafe legacy renegotiation disabled

Hi, We are getting an increasing number of users reporting issues connecting through the Palo Altos when using OpenSSL3. Here is the information I have: "We've got someone working on moving to Node-18 from 14. We're getting issues in the build pipeline where OpenSSL3 is failing to connect through the proxy. We get the error unsafe legacy reneg...

Resolved! Issues with CHATGPT

I'm experiencing an issue where the CHATGPT login page is not loading everything in correctly and it's preventing our internal users from being able to sign in. I checked the network tab under the dev tools for my browser and saw that there were several items that were erroring out with the " 503 service unavailable" error. Could someone please ...

jthomasmccd_0-1697556174203.png
Google chrome network stats.png

Palo alto network HA link monitor failover Monitor Fail Hold Up Time

Palo alto network HA link monitor failover Monitor Fail Hold Up Time Hello good afternoon, thank you very much for your usual collaboration. I have a question, regarding HA Links monitor timers. When one has configured a track or HA Link Monitor, some interfaces, checking the HA timers, the one that corresponds is: Monitor Fail Hold Up Time ...

Metgatz by L4 Transporter
  • 4735 Views
  • 2 replies
  • 1 Likes

What do you people's think of this script?

I wrote a Python script that returns the differences in policies across firwealls. here's the github description: Firewall policies contain object groups, hundreds of ip addresses and ACL's, services, address objects etc. This script compares a set of firewall policies with the same name, across many firewalls, and return differences in servic...

hfakoor2 by L2 Linker
  • 3589 Views
  • 5 replies
  • 1 Likes

Malicious requests from 65.154.226.XXX to our service

Hello, We are hosting a cloud solution and we have identified a increased amount of malicious requests all originating from 65.154.226.XXX IP ranges. Most of them coming from 65.154.226.126, 65.154.226.220 and 65.154.226.100. It turns out these IPs originate from paloaltonetworks.com, that is why I am posting it here. According to AbuseIPDB thes...

SaSupNL by L0 Member
  • 9506 Views
  • 6 replies
  • 2 Likes

Resolved! Ownership & Support Transfer?

Hello, I recently purchased a PA-220 off of eBay for training purposes. The device has support through 30 June 2024. What is the process to transfer ownership of the device and support to me? I bought the device from an e-waste recycler; I don't know who the original owner was. Cordially, Rob

Resolved! PA Firewall VM series | interface suddenly goes down

Hi Team, We have a PA VM firewall where all working well but firewall interface (eth1/1 and eth1/2) went down suddenly No issue with the management interface so we are still able to access the firewall during the incident time. to brings the interface up, we do reboot on firewall and thus fix the problem. From the system log, we can see "li...

Resolved! VM-300 Software Update

Hi All, I'm looking to update my VM-300 firewalls from 10.1.5-h2 to 10.2.5 I've tried to work out the install steps but I'm a bit confused, I assume I need to do the following? update from 10.1.5-h2 to 10.2.0 then update from 10.2.0 to 10.2.5 Also, I assume the link below is where we go for preferred release guidance? Support PAN-OS Software ...

Resolved! Static NAT with Port Translation

Dears,I'm migrating some NAT rules from Cisco ASA to PAN Firewall. I don't know how to migrate a static NAT with Port Translation like the follwing example: static (dmz,outside) tcp Public_IP 443 Private_IP 80 netmask 255.255.255.255 this static in ASA means the outside connection will be directed to the public IP and the port of 443 and ASA wi...

Ammar by L2 Linker
  • 12731 Views
  • 8 replies
  • 0 Likes

LSVPN Satellites unable to sign-in to the portal after upgraded to PAN OS 10.1.2

Hello, We have upgraded the PAN OS to the latest version 10.1.2 on 3 of 5 PA firewalls, including the LSVPN portal, and 2 of the satellite firewalls.The thing is that 2 of the satellite firewalls with the latest PANOS 10.1.2 are unable to log in with the portal.Auth Method: Satellite Auth CookieError (Portal Side): cookie is invalid and no usern...

yanchen by L1 Bithead
  • 14291 Views
  • 15 replies
  • 2 Likes

Template Stack unable to Clone // PanOS 10.2.4

Hey everybody, we have an critical Issue with our Template Stack in Panorama! Since we've update to 10.2.4 we aren't able to clone our "Global Template Stack" anymore, which holds the Global Device Settings for all our Firewalls. When you go in Panorama -> Templates -> Mark the Template Stack and click "Clone" we get the Failed Mass...

template_issue.png

accessing Panorma GUI in eve-ng lab environment, certificate issues with chrome

So i've set up some firewall images in eve-ng 10.0.4, I dhcp'd the management interfaces, connectivity is fine everything working as expected, except I can't access the GUI on my local host chrome browser Giving me the error: NET::ERR_CERT_COMMON_NAME_INVALID so I can't access the GUI, and I read on some other post about changing the a...

FortiNSE1.png
FortiNSE1.png
hfakoor2 by L2 Linker
  • 4726 Views
  • 5 replies
  • 0 Likes

Resolved! ChatGPT not rendering correctly

So I have finally found out why ChatGPT is not working. cdn.oaistatic.com which is where all the css files are kept is being sent to the sinkhole. What is the correct way to get this resolved. I have sent this to get the classification updated and it has but still not working.

mbritt by L1 Bithead
  • 11725 Views
  • 4 replies
  • 2 Likes

firewall is dropping the packets on the interface level as the interface has not learned the MAC address of the peer

Guys Need help, I am having this issue on VM device , we tried upgrade from 9.1.11 to 10.2.x failed over and out of 5 BGP connection 3 stopped working . checked arp entries and there was no arp for the non working peers.- Failed over back to the older device , everything worked within few seconds. even after rolling back to 9.1.11 its not worki...

Abhinaw by L0 Member
  • 1612 Views
  • 2 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks