This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Having problems with the Palo Alto API with vm_eval 10.0.4

I'm trying to make API calls. Using XML pathing it works fine. '/api/?type=config&action=get&xpath=/config/devices/entry[@name="localhost.localdomain"]/vsys/entry[@name="vsys1"]/rulebase/security/rules' So actually I had 2 questions. Is there a difference in functionality between the rest api calls and the xml pathing api calls? I'm a...

hfakoor2 by L2 Linker
  • 1732 Views
  • 1 replies
  • 0 Likes

IPSec and PROXY ID

Hi Some back ground - been a long time since i delved into ipsec + proxyid. back in the linux days with strongswan and openswan and there was issues with nat and ipsec. My understanding back then was you had a interface say eth0 and when you applied a IPSEC tunnel (so ESP not AH) the proxyid were used to identify what was encapsulated into t...

Alex_Samad by L4 Transporter
  • 17238 Views
  • 10 replies
  • 0 Likes

returning packet going back the way they came

Hi I have need to connect to a new site - they have over lapping IP address ranges. I have agreed to re number - all good. want to setup a IPSEC tunnel and I would like to SNAT all traffic from this new site so lets that I am using 192.168.10-20.0/24 and the space is 192.168.240-250.0/24 So its going to take a while to get it all renumbered ...

Resolved! The website experienced a temporary decline in traffic.

I'm facing issue when accessing NBA picks website which is hosted on cloud. I have created object of website and called in policy . this issue occurs when i have called object in destination and I m trying to access website . if i have access this website as destination put any then it will accessible.

screenshot (2).png
screenshot (1).png

SD WAN policy did not working after upgrade PAN-OS

Hi Team, I have a PA-850 in HA , recently we have upgrade the PAN-OS firewall from 10.1.10 to 10.1.11 and managed by Panorama. and then we check and found out the SDWAN policy is not working anymore. Before upgrade it's working fine. i have upload the primary non working of the SD wan Policy. There's no error message in GUI i tried to shut...

Regarding Setting up my University's VPN for another account

Hello, my name is Andrew. I am a student with UCR that needs to use GlobalProtect to sign into my University's VPN to use their academic website resources (library databases, etc.). I am reaching out to you guys because it takes me to the PaloAlto website sign-in portal every time I click on the MacOS directions to use the UCR "off-campus" link ...

Resolved! Upgrade PAN-OS from 9.1.14 to 10.1.10

hi, thanks for looking we need to update our Box, going to 10.1.10 from 9.1.14 does anyone see any issues? is there a preferred route if we did then go to 10.1.10 do I need a specific Global protect client version to work with it, (currently on 5.2.10) thanks

Newly Registered Domain Access

Hi All, We have a request from customer to get access to a newly registered site. After we allowed access to the URL, we see the drop logs due to Sinkhole configuration. Threat Type says Spyware and DNS Policy is configured for newly registered domains as Sinkhole by Default. So this is expected. But is there any other way i can allow access to ...

Clarification on how PA process Security profile with applied Service/URL Category

Hi All, I have a quick question and hopefully someone can help me understand how security profile is processed by PA. I understand that security profile is processed from left to right, then top to bottom. My question is, does all criteria need to match so that the traffic will match the rule? Is the logic used by PA is AND or OR? Source ...

Resolved! Determining false positives in Wildfire

Disclaimer- I am a big fan of Wildfire. Since implementing it the beginning of this month, it has shed much light on malicious activity on our network. Thanks for it!Like others in related posts, I would like to know more about the criteria for determining the verdict of malware. I received a report this mornting that a Dell BIOS file, DMC521-01...

cloughr by L2 Linker
  • 8523 Views
  • 5 replies
  • 0 Likes

Commit Warning

Hi Team, When i am commiting the changes seeing the below warning after I created the Security profile Warning: No valid Antivirus content package exists I dont see any package for AV in the Dynamic Updates. Do we need any specific license to get this working? Regards, Sanjay S

PA-3400 series max-user-group

Dear Team, I can check max-user-group as shown below through the 'show system state filter cfg.general.max* command on the PA-3220. However, I think the PA-3400 series does not have that command. If anyone knows the value or command, please share it with me. Thank you

KyungjunCHOE_0-1695263490834.png

Resolved! Commit Failing because tag is not being created before sdwan traffic distribution profile

Trying to push out a change from panorama to one of our devices and its failing with Validation Error: . profiles -> sdwan-traffic-distribution -> Profile -> link-tags -> TAG' is not a valid reference . profiles -> sdwan-traffic-distribution -> Profile -> link-tags is invalid this is a shared profile and in use in a ...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks