General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1250 Views
  • 0 replies
  • 0 Likes

Resolved! how to whitelist Akamai downloads ?

How do yuo configure a correct FW rule to only allow downloads for a specific user from a specific URL, but the content is hosted on akamai networks ?

 

I configred a FW rule with the URL of the server as FQDN in the destination field and allowed downl

...

DaxVC by L2 Linker
  • 13101 Views
  • 6 replies
  • 0 Likes

Resolved! Proper "outside" interface configuration

Hello all!

I'm facing an issue which brings me to ask what the proper configuration should be for an outside interface.

 

Given the attached diagram and captures, do I have the correct outside interface (vlan.100) configuration?

 

diagram

 

  • Outbound t
...

if-cfg-question_202504151350.jpg
2025-04-15_14-15-22.jpg
2025-04-15_14-04-22.jpg
2025-04-15_13-52-51.jpg
relayer by L1 Bithead
  • 1743 Views
  • 5 replies
  • 0 Likes

ACME and SSL decryption

So i recently got wind of this:

 

https://www.thesslstore.com/blog/47-day-ssl-certificate-validity-by-2029/

 

acme.sh and/or certbot takes care of the servers, but won't this break existing SSL decryption rules?

Any strategies/workarounds for this? t

...

Resolved! Clarification on http2 traffic and decryption

Hi all,

 

I was hoping to get some clarification on http2 and firewall interaction. I understand that generally http2 works without issue as long as it's being decrypted. I also understand disabling inspection/decryption (Strip TLS ALPN) on http2 tra

...

KGDrake by L0 Member
  • 2699 Views
  • 2 replies
  • 0 Likes

Resolved! Best method to block Instant Messaging

Working for a State Government agency, we are required to keep a record of any official electronic communication.  Using public Instant Messaging services creates a problem for us in that we don't have a mechanism for keeping copies of any transactio

...

merrydc by L1 Bithead
  • 4906 Views
  • 4 replies
  • 0 Likes

GP/ LDAP authentication

Hi, 

 

I have a test AD/PA setup.

AD and LDAP connectivity is okay so far.

 

My problem is that I am unable to authenticate any user against Global Protect.

The un/pw are correct.

The group are correct too, as far as I can see.

 

This is the output i get when

...

Vimz888 by L1 Bithead
  • 3643 Views
  • 4 replies
  • 0 Likes

IPSec intermittent disconnection issue

Hi,

 

Is there a command to check if a tunnel went down on a specific time and why it happened.

I have a tunnel set-up to a 3rd party where they keep monitoring some of their servers. They inform me that they receive alarms every hour that the endpoi

...

AY_FASAR by L1 Bithead
  • 1149 Views
  • 6 replies
  • 0 Likes

How to stop the output of CUID errors

Attention: JAPAC TPM team

 

Hello

I'm Shono Kawaguchi.

 

Please tell me how to stop the output of the following error.

 

high userid cuid-conn 0 gRPC connection to identity.services-edge.paloaltonetworks.com:443 is broken, error: Feature is not enabl

...

Syslog Custom Format for Splunk

I'm trying to get the firewall to send before and after change detail to splunk. I've tried various formats in Custom Log Format, but any changes I make result in no logs being sent to splunk. What is the correct format for Custom Log Format when usi

...

Resolved! Applipedia Down?

Hi,

 

Applipedia (https://applipedia.paloaltonetworks.com/) currently seems down - I'm getting "Sorry, an error occurred while processing your request." when visiting.

 

Anyone able to advise when this will be back up, or if this has been moved elsew

...

s3cb0ar by L0 Member
  • 5076 Views
  • 12 replies
  • 1 Likes

VPN issues with 3 ISPs

After upgrading to the pa-850 10.2.13-H3 version, problems started occurring in one of the ISPs. There are 3 ISPs, the first two main ones and the third one as a secondary ISP which manages the VPNS. After the upgrade the configuration was maintained

...

F.Pinar by L3 Networker
  • 697 Views
  • 2 replies
  • 0 Likes
  • 24175 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels