General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

PCNSE Cyber Security Practice Lab

I am preparing for the PCNSE. The link to the CyberSecurity Practice Lab does not work. Can someone point me to the new location or an updated link?

Thank you

DHCP WAN nat to loopback interface for restricted management

Greetings!

Running Pan OS 10.2.3-h2

Is it possible the have DHCP on the WAN interface, Nat inbound traffic to a loopback interface that allows management?

The inbound security policy would restrict access based on set of FQDNs

Resolved! Apps Seen zero in panorama

Hi Team,

Why do my Panorama Security logs show Apps Seen as Zero??

Is there a way to see how many Address objects/groups I have?

Hello, all.

I'm trying to determine how many address objects and object groups I have across all of my VSYS on one of my platforms. I found the command to show the maximum allowed (see below), but not one that shows how many are currently there.

Is t

...

Resolved! Failed to validate server certificate for endpoint api.paloaltonetworks.com

All of my PA firewall is running PAN-OS 8.1.15-h3 and facing this issue below. Anyway, they are able to send log to Cortex Data Lake How can I resolved this error?

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

issue1:

I am having issues with getting Panorama and firewalls connected up to datalake. I opened a case and i am told it can't connect to api.paloaltonetworks.com. I have pcap that says otherwise. There is no ssl decryption in between. Its frustratin

...

Resolved! Whitelisting IP Addresses

I am trying to whitelist some IP addresses. I added the IPs to our allow policy in the URL category section. Is there anything else that I should be doing? The purpose of this is to allow our printer providers servers so our printers can communicate

...

Prioritize Tunnel Static Route over L2 physical route

Hi,

I have an IPSec Tunnel between a remote central site and a PA-220.

This tunnel advertises it's remote internal network in 10.100.10.0/27.

A static route has been created in the PA with a metric > 1 (10), to route traffic in direction of

...

Resolved! Aggregate Interface with sub-interface

Dear all,

I am designing a new network for a client and they have lots of zones. my idea is to create an aggregate interface (ae1) and create sub-interfaces for the individual zone.

I read aggregate interface can be done on SD-WAN level and could n

...

Civil3D 2023 and Global Protect

Greetings Programs,

We have a client that is an engineering firm. They have a few remote engineers and we are starting to see issues with Civil3D 2023(AutoCAD).

Majority of these end users have Windows 11 OS with Global Protect installed on it to V

...

FQDN object not resolved

Hi,

We have this fqdn object created:

2021-01-08 12:26:14.872 +0100 dnscfgmod: Fqdn SIEMENS OWNCLOUD SERVER/cco.siemens.com could not be resolved

If i run a ping from MGMT A interface is resolving:

ping host cco.siemens.com
PING cco.siemens.com (212.23

...

Panorama stop showing logs suddenly

Hi,

We have a panorama M100. Panorama is showing logs but suddenly stop doing it. We can not see any logs until we restart logd proccess or appliance. Panorama version is 8.0.8

Why is this happening?

Resolved! Recommended action for real-time-detection URL category

Can you please help me clarify the new real-time-detection category, which is covered by the URL filtering license?

According to the article the Advanced URL filtering "real-time-detection" URL category is not a classification by itself, but a re

...

Resolved! User resetting expired password through Global Protect

Is a user able to update their password (when its expired or a force change is required) in Global Protect when using SAML Azure AD authentication? There is this older document saying its possible when using Radius with PEAP-MSCHAPv2 authentication b

...

Root certificate install

If I install a new certificate why does the root certificate have to be installed as well with it (well that is what I saw on a demo) ? I thought the root certificate was needed more on the client side or other firewall connecting to the one I'm refe

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

PCNSE Cyber Security Practice Lab

DHCP WAN nat to loopback interface for restricted management

Resolved! Apps Seen zero in panorama

Is there a way to see how many Address objects/groups I have?

Resolved! Failed to validate server certificate for endpoint api.paloaltonetworks.com

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

Resolved! Whitelisting IP Addresses

Prioritize Tunnel Static Route over L2 physical route

Resolved! Aggregate Interface with sub-interface

Civil3D 2023 and Global Protect

FQDN object not resolved

Panorama stop showing logs suddenly

Resolved! Recommended action for real-time-detection URL category

Resolved! User resetting expired password through Global Protect

Root certificate install

Upgrade from version 10.2.7-h8 to 10.2.11-h2

IPSec setup with certificate

UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Site flagged as GRAYWARE Please Help!!

HA State is "not sycned" even though Sync Task is completed on Peer (Passive) Gerät)

Re: User ID agent not starting.

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Re: Sofware Upgrade broken? "An active license is required for this feature"

Re: Cannot see Dynamic IP lists

Recommended PAN-OS version

Unlock your full community experience!

Resolved! Apps Seen zero in panorama

Resolved! Failed to validate server certificate for endpoint api.paloaltonetworks.com

Resolved! Whitelisting IP Addresses

Resolved! Aggregate Interface with sub-interface

Resolved! Recommended action for real-time-detection URL category

Resolved! User resetting expired password through Global Protect