This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Resolved! Warnings: External Dynamic List <list> is configured with no certificate profile.

Warnings: External Dynamic List &lt;list&gt; is configured with no certificate profile. Please select a certificate profile for performing server certificate validation. Customer went from 7.1.x to now 8.0.x and is using a MineMeld link in the External Dynami List(EDL). This link is to a https site. We followed this link: https://live.paloal...

minemeldcertprof.JPG
DaBone by L5 Sessionator
  • 66582 Views
  • 17 replies
  • 2 Likes

Resolved! Prisma access blocking bing.com integrated chatgpt.

Prisma access is preventing me from using Bing-integrated Chatgpt. Yeah, there is a persistent problem with Prisma access on Chatgpt. On the Sase page at https://sase.status.paloaltonetworks.com, you might view.https://sase.status.paloaltonetworks.com/ I applied these temp solutions: Try configuring the split tunnel and adding these fqdns t...

Bing chatgpt.JPG
prikumar by L1 Bithead
  • 9732 Views
  • 7 replies
  • 8 Likes

SIP traffic being dropped in drop.pcap on the PA with PAN OS version 10.2.4-h2

SIP traffic is not working properly, we recently upgraded to PAN OS version 10.2.4-h2 and seeing issues with multiline calls Steps taken: ALG is disabled, we have already created SIP-override and RTP override but no luck. @Param_Upadhyay @UtkarshKumar We then did a packet capture and found that SIP traffic flow completes fine and call works f...

Didar_Bajwa_1-1690500469057.png

Resolved! PANORAMA: Local override settings and behavior with new Template Stack

Hello good afternoon, here again with some doubts with some new doubts about Panorama, thank you very much for the collaboration and support. What happens in this case: I have a firewall that allows a certain template stack, with X Networks and Devices configurations. These firewalls (in HA) will be migrated to a new template stack, but there I ...

Metgatz by L4 Transporter
  • 5184 Views
  • 2 replies
  • 0 Likes

Resolved! The dataplane is restarting

After this log message the dataplane start a auto restart and I don't know what meaning. After five minutes the dataplane come back up and the operation is normaly. Severity: critical Description: gdb:2 tracked gdbs, calling early dp down fail I uses a PA-3220 with PAN-OS 9.1.0 without HA.

Resolved! Import of SSL-TLS-cert failed. Mismatched public and private keys.

We are adding a new Web Server certificate for portal validation in our brand new firewall. We created the CSR in the Firewall and exported it to sign it with GoDaddy CA. Once we download the bundle from GoDaddy we extracted the root, intermediate, and server certificate in Base64 format.We can import the root and intermediate without any proble...

JorgeOrtega_0-1644162873316.png
JorgeOrtega_1-1644162904504.png

Can't create DNS Proxy using Panorama

ISSUEWhen try to configure DNS Proxy with panorama after commit we get next message error:dns-proxy -&gt; xxxxx-&gt; server-profile 'yyyyy' is not a valid referencedns-proxy -&gt; LAN_speedup -&gt; server-profile is invalid xxxxx -&gt;dns proxy configuredyyyyy -&gt;server dns profile created RESOLUTIONThe DNS server profile was added as a featur...

Marivi by L2 Linker
  • 8394 Views
  • 6 replies
  • 2 Likes

Resolved! Upgrade V9 to V10 issue

We have a number of 3020's coming to EOL and running max version 9.. We have purchased new PA-450's to replace these but they can only run on min version 10. When I load the config from 3020 to 450 commit fails as part of the config is either no longer viable or in the wrong place. I have been able to edit certain bits but not sure what else m...

Mick_Ball by L7 Applicator
  • 3496 Views
  • 4 replies
  • 0 Likes

Can not Login PA-HDF - Deploy Trial VM-Series OVA

I downloaded and deployed the Trial PA-VM for Private Cloud (vSphere7.0), but I could not log in using admin/admin at the "PA-HDF Login:" prompt.I searched the Community for similar issues, but could not find a specific solution. I am having trouble transitioning to the screen for entering the key to enter maintenance mode quickly enough.Could y...

dozor_mki_0-1690188881504.png

UserID WinRM-HTTPS and Kerberos

I tried generating a self signed certificate on the firewall and installed this on the domain controller and assigned it to WinRM-HTTPS. This worked but I can’t figure out why it’s rejecting the certificate from our internal CA.

s0lselcia by L4 Transporter
  • 1732 Views
  • 2 replies
  • 0 Likes

Certificate SSL Self Signed Expired GP SSL-TLS Profile Global Protect

Hello Live Community, how are you doing? I have the following doubt and concern If I have a PA configured with a Self Signed SSL certificate for Global Protect use, SSL/TLS profile for GP, and that certificate is is close to expiring. All the workstations that have the global protect client, have the certificate installed, so that it is re...

Metgatz by L4 Transporter
  • 4768 Views
  • 3 replies
  • 0 Likes

I'm planning to upgrade my Palo Alto firewall from version 9.0 to 10.1. Are there any critical points to consider before proceeding with the upgrade?

Hello I'm currently planning to upgrade my Palo Alto Networks firewall from version 9.0 to 10.1. As this is a critical operation, I want to ensure a smooth transition without any disruptions to our network and security policies. Before proceeding with the upgrade, I'd like to seek advice and insights from the community on the best practices to f...

VM Firewall Setup

Hi All, I am configuring the VM Firewall. I will not be able to manage the Firewall with the Mgmt Interface as customer has restricted only internet access and MPLS access. So decided to manage it via MPLS interface. There are 3 network adapters in ESXi host as per KB. 1 - Mgmt 2 - eth1/1 3 - eth1/2 Initially i configured eth1/1 with the /29 s...

Software upgrades hotfixes

1) I am planning to upgrade to 11.0.1 but I also see a 11.0.1-h2 - which one should I upgrade to (I'm on currently on 10.2.3) ? 2) On the support pages under software updates I'm filtered on 'PAN-OS for VM-Series'. Will this give me correct installation files for AWS EC2 ?

daz12 by L1 Bithead
  • 2826 Views
  • 3 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks