General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

dhcp on L3 or Vlan interface

Using our pa firewall connected to our ISP modem (in bridge mode) its working fine. But I have a zone called guest that I want to have dhcp clients on that will be separate from my trust network. I want to be able to have those guests on DHCP from th

...

roma by L2 Linker
  • 1975 Views
  • 4 replies
  • 0 Likes

duplicate ipsec tunnels

Hello Comunity,

 

I have a weird issue, we upgrade a cluster to 10.1.5-h1 from a 9.1 version, after the upgrade on the gui i see all the ipsec tunnels duplicated for example i had an ipsec tunnel called vpn_consult, after the upgrade i had 2 ipsec tunn

...

SSL Inbound decryption -Decryption error

One of my application is not  decrypted i have applied SSL inbound decryption policy  and got decryption-error.

On other hand another application with same intermediate certificate  having decrypted. As same intermediate only  child certificate is cha

...

Untitled.png
Palo Alto Networks Approved
Palo Alto Networks Approved

Stale SIP Sessions

Hello all,

 

We seem to have an issue with sip sessions being stuck in the session monitor for weeks and sometimes months.  There have been instances, albeit extremely rare, where it prevented new sessions from being formed on a sip trunk we were testi

...

stalesessions.png
stalesessionssip.png
ClintL by L2 Linker
  • 10527 Views
  • 4 replies
  • 0 Likes
Palo Alto Networks Approved
Palo Alto Networks Approved

Resolved! HA Failover Hold Timers?

Hi folks,

 

I will be configuing my first Active/Passive HA next weekend on two PA 3020 devices.

 

I am trying to understand the difference between Monitor Hold Time for HA1 link and Monitor Fail Hold Down Time for the Active/Passive settings.

 

Could anyo

...

HAtimer1.jpg
HAtimer2.jpg
OMatlock by L4 Transporter
  • 10379 Views
  • 4 replies
  • 1 Likes

Premium support contracts

I would like to open a case to verify our current support contracts. I need to know about premium supports if still covered for Hardware replacement and software maintenance? Here is my support account ID 23384

 

Thanks,

jgascon by L0 Member
  • 1140 Views
  • 1 replies
  • 0 Likes

Resolved! Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not re

Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not require or support device registration auth key. You can use the button below to create OR copy the de

...

ZhouYu by L2 Linker
  • 4207 Views
  • 1 replies
  • 0 Likes

SSO with macOS devices

Can anyone tell me if there is a supported method or a known workflow to have Global Protect automatically sign in sign in to the current user account with locally domain bound macOS devices? Similar to the way we are able to do this with Windows PC'

...

Connect automatically to Global Protect using OKTA cred

Hi,

Thought it might be worth asking here, maybe you can help me 

We're using Prisma Access and the Global Protect client to log in to VPN. We're also using OKTA to authenticate.

 

Is there any way to somehow automate the login to the client, and ma

...

nivhovav by L0 Member
  • 2233 Views
  • 2 replies
  • 0 Likes
Palo Alto Networks Approved
Palo Alto Networks Approved

Downgraded software

I downgraded 5220 from 10.1 to 9.1.14h4 and once rebooted fan wont stop starting and stopping. Also can’t commit says communication error happened during configuration to dataplane

mlindsey by L0 Member
  • 1568 Views
  • 2 replies
  • 0 Likes

The Cortex UX Research Lab Is Seeking Participants!

 

Hello LIVEcommunity!

 

 

The Cortex team is currently developing a significant UX research effort, the Cortex UX Research Lab, for all aspects of Cortex. As a part of that, we need you — the user — to help us best understand how people use our pro

...

Screen Shot 2023-01-17 at 9.59.01 AM.png
JayGolf by Community Team Member
  • 2369 Views
  • 2 replies
  • 1 Likes

Pre Logon then On Demand

Hi All,

 

I have a question regarding Pre-Logon and then on demand.

 

A client has reported they have setup pre-logon tunnel rename timeout to 90 secs. After the client logs in, the GP client goes into a disconnecting state and never times out. Client ha

...

Ben-Price by L4 Transporter
  • 4482 Views
  • 5 replies
  • 0 Likes
Palo Alto Networks Approved
Palo Alto Networks Approved

Resolved! Secuity Profile Question

I would like to test the virus file through the PA firewall.

 

But PA firewall is no configure any security profile.

 

May I know is it defected by Palo Alto? Such as found by threat log?

WingMak by L1 Bithead
  • 2434 Views
  • 5 replies
  • 0 Likes
  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels