This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4450 Views
  • 0 replies
  • 0 Likes

Certificates not appearing in XML running configuration

Dear colleagues, I am having trouble with the custom Nagios plugin check_paloalto, specifically with the "certificates" check. The rest of the checks are working fine. Basically, the "certificates" check leverages the API calls and parse the XML running configuration file to find the certificates. The issue is that my firewalls (which are ma...

GGarolla by L1 Bithead
  • 2246 Views
  • 2 replies
  • 0 Likes

Resolved! Unable to access bing copilot (Bing AI Chat) from Prisma Access Remote Network

Recently Microsoft launched the new AI powered Bing search engine with the integration of chatGPT and Edge browser. There is some issue with the Prisma Access and chatGPT and users are unable to access it from the RN and as well as from the Prisma Access VPN. This post describes how to access the Bing copilot from the remote network. If you ha...

Screenshot 2023-06-03 015800.png
Screenshot 2023-06-03 021843.png
taison by L0 Member
  • 7919 Views
  • 1 replies
  • 3 Likes

Resolved! Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSPF settings on the Palo, disabling OSPF graceful reset/strict LSA checking led to a vastly quicker...

inssider by L1 Bithead
  • 10926 Views
  • 2 replies
  • 0 Likes

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

1. Issue: PBF does not operate normally when the public IP received from the line is a dynamic IP 2. Measures- If the circuit IP is a static IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting- If the line IP is a dynamic IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting At...

HilineISP_Tech_1-1685668963739.png

Understanding URL Filtering security profiles vs Rule Action

Hi!I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this. Let's say I have a security rule: Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=Antivirus, URL Filter (which blocks Gambling sites)Rule 2: src=192.168.1.100, Dst=192.168.2.100, S...

Resolved! IKEv2 tunnel does not restore after HA failover

I have an IKEv2 IPSec tunnel that does not automatically restore after an HA failover. Once the IKE-SA and IPSec-SA is manually cleared, the tunnel eventually restores. I have other IKEv2 tunnels that restore after several minutes with no intervention. The VPN is configured to a GRE router so the only application I'm seeing on the session is "...

Cortex XDR: How to block execution of some unwanted apps

Hello All, We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files. Thanks in advance. Regards, Sakshi Seth

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address. Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email. Is there a way to turn that off, or maybe do a push notification to Duo instead? This is why I use the r/paloaltonetworks subr...

ksauer507 by L3 Networker
  • 1298 Views
  • 1 replies
  • 0 Likes

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error: "email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid referenceemail-scheduler -> Possible Compromise -> report-group is invalid " When I double checked the file I downlo...

Sujanya by L3 Networker
  • 4011 Views
  • 5 replies
  • 0 Likes

Resolved! Qualys scanner blocked

Hi, We recently deployed Palo Alto and I notice that its blocking qualys scan on my internal network for the traffic passing through the Palo Alto vwire. How can allow all qualys traffic to pass through the Palo Alto?

ismailsh by L1 Bithead
  • 2847 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Machine account exists with device serial number config

Dear Team, I'm trying to set up GlobalProtect's 'Serial Number Check' feature, but I'm having a hard time. GlobalProtect is already being used in conjunction with LDAP. So, when I do not use the function, I log in normally. I want to control by matching the serial number to the LDAP user. Is it correct that the serial number mentioned ...

CHOEKyungJun_0-1685060942772.png
CHOEKyungJun_1-1685060964833.png
CHOEKyungJun_2-1685060974068.png
  • 24376 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks