This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4131 Views
  • 0 replies
  • 0 Likes

Resolved! XQL Query UTC Time Help

We're capturing windows event 4800 and 4801 (Windows Locked and Windows Unlocked) and are working to build a report on it for the previous day, midnight to midnight. I've got the query setup exactly as we want, however are struggling to get around UTC. Does anyone have a good method to get around UTC? Obviously, when I Run the report in XQL, ...

No ms-onedrive-uploading or downloading Appl activity--it is all ms-onedrive-base

We don't allow ms-onedrive-uploading. Some IT have UserID-based right to ms-onedrive-base & ms-onedrive-downloading. Despite all of those up-privileged users showing "ms-onedrive-base" activity--nobody shows downloading. It was brought to our attention that they can upload to onedrive which is showing up as "ms-onedrive-base" only. And...

Royalfr by L2 Linker
  • 3077 Views
  • 2 replies
  • 0 Likes

how to get domain/user from azure Saml authentication?

Hello community. I have configured Azure SAML authentication for globalprotect users and I would like to get domain\username after authentication to match with GP portal´s agent configurations also in the form of domain\username or domain\group. Is there a way I can configure the firewall to get the domain\username after authentication or th...

Carracido by L4 Transporter
  • 1348 Views
  • 1 replies
  • 0 Likes

Route table behavior when a static route exists and is active, and a route learned via OSPF is also present.

Hi, We have static routes in place at 7 sites for routing between sites. In addition we are learning routes via OSPF, and these are set to a higher admin cost so not active. So the static route is active. When we look in the "runtime stats" route table (Not the forwarding table) of the virtual router, we only see the static routes currently, a...

CyberEng by L2 Linker
  • 4334 Views
  • 6 replies
  • 0 Likes

PA820 Upgrade Path

Hello, I was wondering what is the best path to upgrade from PAN-OS 9.1.15-h1 which I have read will be EOS-EOL 12-31-2023 to PAN-OS 10.2.4-h3 Thanks.

Resolved! User ID with Separate Domains

Team, I have one FW running agentless User-ID in an environment with two separate Domains one is XYZ and another domain is 123. User-ID can see both domains but cannot monitor both of them so users that login on XYZ domain are restricted in the policy's but for users that login under 123 User-ID does not see them so they are just blocked. An...

Resolved! Warnings: External Dynamic List <list> is configured with no certificate profile.

Warnings: External Dynamic List &lt;list&gt; is configured with no certificate profile. Please select a certificate profile for performing server certificate validation. Customer went from 7.1.x to now 8.0.x and is using a MineMeld link in the External Dynami List(EDL). This link is to a https site. We followed this link: https://live.paloal...

minemeldcertprof.JPG
DaBone by L5 Sessionator
  • 66231 Views
  • 17 replies
  • 2 Likes

Resolved! Prisma access blocking bing.com integrated chatgpt.

Prisma access is preventing me from using Bing-integrated Chatgpt. Yeah, there is a persistent problem with Prisma access on Chatgpt. On the Sase page at https://sase.status.paloaltonetworks.com, you might view.https://sase.status.paloaltonetworks.com/ I applied these temp solutions: Try configuring the split tunnel and adding these fqdns t...

Bing chatgpt.JPG
prikumar by L1 Bithead
  • 9634 Views
  • 7 replies
  • 8 Likes

SIP traffic being dropped in drop.pcap on the PA with PAN OS version 10.2.4-h2

SIP traffic is not working properly, we recently upgraded to PAN OS version 10.2.4-h2 and seeing issues with multiline calls Steps taken: ALG is disabled, we have already created SIP-override and RTP override but no luck. @Param_Upadhyay @UtkarshKumar We then did a packet capture and found that SIP traffic flow completes fine and call works f...

Didar_Bajwa_1-1690500469057.png

Resolved! PANORAMA: Local override settings and behavior with new Template Stack

Hello good afternoon, here again with some doubts with some new doubts about Panorama, thank you very much for the collaboration and support. What happens in this case: I have a firewall that allows a certain template stack, with X Networks and Devices configurations. These firewalls (in HA) will be migrated to a new template stack, but there I ...

Metgatz by L4 Transporter
  • 5091 Views
  • 2 replies
  • 0 Likes

Resolved! The dataplane is restarting

After this log message the dataplane start a auto restart and I don't know what meaning. After five minutes the dataplane come back up and the operation is normaly. Severity: critical Description: gdb:2 tracked gdbs, calling early dp down fail I uses a PA-3220 with PAN-OS 9.1.0 without HA.

Resolved! Import of SSL-TLS-cert failed. Mismatched public and private keys.

We are adding a new Web Server certificate for portal validation in our brand new firewall. We created the CSR in the Firewall and exported it to sign it with GoDaddy CA. Once we download the bundle from GoDaddy we extracted the root, intermediate, and server certificate in Base64 format.We can import the root and intermediate without any proble...

JorgeOrtega_0-1644162873316.png
JorgeOrtega_1-1644162904504.png

Can't create DNS Proxy using Panorama

ISSUEWhen try to configure DNS Proxy with panorama after commit we get next message error:dns-proxy -&gt; xxxxx-&gt; server-profile 'yyyyy' is not a valid referencedns-proxy -&gt; LAN_speedup -&gt; server-profile is invalid xxxxx -&gt;dns proxy configuredyyyyy -&gt;server dns profile created RESOLUTIONThe DNS server profile was added as a featur...

Marivi by L2 Linker
  • 8290 Views
  • 6 replies
  • 2 Likes

Resolved! Upgrade V9 to V10 issue

We have a number of 3020's coming to EOL and running max version 9.. We have purchased new PA-450's to replace these but they can only run on min version 10. When I load the config from 3020 to 450 commit fails as part of the config is either no longer viable or in the wrong place. I have been able to edit certain bits but not sure what else m...

Mick_Ball by L7 Applicator
  • 3442 Views
  • 4 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks