General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 


In the past six


jforsythe by Community Team Member
  • 1 replies

Block domain *.*covid*.*

Hi Team

can we blocked domain in palo alto if domain name contains is *.*covid*.* in palo alto.


I was also wondering whether blocking such domain will be better through dns sinkhole or URL filtering.

shubhamG by L1 Bithead
  • 2 replies

ISP Router connection best practice

Hi All,


Just looking for advise , pros vs cons about connecting an ISP internet feed directly to our core mpls/vpls switch.  

ISP Internet Router—>adva—>Core Switch(siteA)—>mpls/vpls—>Core Switch(siteB)—> Palo Alto


The PA firewall will have a separate


MistryJa by L1 Bithead
  • 2 replies

Panorama HA Firewall PAN-OS Upgrade Clarification...

My apologies for the length of this post...I am trying to understand how to best upgrade PAN-OS through multiple major releases on a configured HA set and I may not be explaining myself it goes.


I am preparing to upgrade a PA-220


Migrating Palo Alto's

Quick question regarding changing model of Palo Alto's. We're moving from a larger model to a smaller. Is there a guide I could use for this? From what I've gathered so far the two firewalls have to be on the same software version? is that the only p


Resolved! IP Pool Assignment

We have deployed a PA-VM into AWS running 10.0.4 and are currently trying to configure Global Protect to secure our developer connections to our AWS environment. We have a Global Protect Gateway deployed and are able to establish a VPN connection. Th


Resolved! Policy based routing



Do we need a security policy, once the PBR configured in the firewall?




FW just forward the packet to the Egress interface and not look for the security policy.




ChiragP by L2 Linker
  • 2 replies

Resolved! The 7 byte custom signature minimum

Hello Palo Alto,


I am doing a custom combination signature for brute force/Layer 7 HTTP DDOS protection. I am using "http-req-params" to block more than 5 attempts in 10 seconds for a particullar site (


Resolved! PA-5220 App Update issues

In my environment, we must update our apps manually. One machine allows it to be updated like normal through the device menu, but on other machines when uploading the app file, it just keep showing the progress bar and doesn't go any further. Has any


Globalprotect users cert renewal process?

I have 20 GP users that has certificate check as first factor of authentication. The certs are set to expire in a month. If I renew the cert and export it to them on a USB stikc, will that break the connection until the certs are installed? What is t


URL Filtering reponse page into iframe

I have a situation, where on some page which is allowed in URL Filtering: ex. I have an iframe with another site which is blocked on URL Filtering: I have configured response page for block action. But when I open all


pkopec by L0 Member
  • 1 replies

Resolved! EDL IP list entry..

Hi Team,


We have EDL configured and there are many IP entries in that EDL but now for some reason we have to keep source address in edl as blank. 


Can you confirm that removing source address will not impact the list of IP entries in that EDL since w


Resolved! MSMQ (TCP1801) - Unknown TCP

Hi guys,

I have an issue allowing traffic between different components of the SolarWinds on port TCP/1801 for the application "Microsoft Message Queuing (MSMQ)". The traffic is recognized as unknown-tcp. I tried to identify an application that could m


BogdanS by L0 Member
  • 1 replies

Resolved! The installed version of PanOS on my pa-3020 is different then the installed version listed on my name configuration snapshot. Is this a bug?

On my pa-3020, we have PanOS 9.1.4 installed, 9.1.4 is shown as the installed version on the PanOS web UI.  However, when looking at the name configuration snapshot, the name snapshot says the installed version is 9.1.0.
Is this a common error to see


Top Solution Authors
Top Liked Authors