This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! PA-450 PAN-OS Sofware missing from Updates > Software Updates

Hi We have 4 PA-450 that are new out of the box and we need to upgrade the software on them to a newer realease. When i login to the support portal and look under Updates i dont find anything related to PA-450 under the content type to select from? If there a way to get a copy of a specific release and upload it to the devices? The Firewalls...

AdamGB by L0 Member
  • 5448 Views
  • 4 replies
  • 0 Likes

The dreaded User-ID, Dynamic TAGS, XMLAPI and Multi-vsys

Hi Community, my first post so hopefully I am in the right area.I am running a multi-vsys setup with 5220's in Active-Active HA and using XMLAPI calls from Aruba ClearPass to send login/logout info as well as tags for use in dynamic object groups. It seems to be hit and miss with tags being registered for clients/IP addresses particularly on one...

gfirth77 by L0 Member
  • 2934 Views
  • 1 replies
  • 1 Likes

Zone protection for VM series

Hi everyone, I was looking for PA best practices for VM series' zone protection but only found documents that talked about physical PA. 1. Are physical and VM series zone protection the same? could you point me where the docs for these are? 2. Under zone protection profile, flood protection, and SYN, there are 2 options 'Random Early Drop' ...

tinhnho by L3 Networker
  • 4603 Views
  • 6 replies
  • 0 Likes

Logging of allowed URL attempts without allowing other traffic

Here is a simple example on what I am basically trying to do. We have two rules that allow access to certain domains. Rule 1 : Allow access to domainX.com Source: LANDestination: IP-Group Security Profile: URL Filtering (Base-URL-Filtering-Profile) Rule 2 : Allow access to domainY.com Source: LANDestination: Any Destination URL Category: D...

User868 by L1 Bithead
  • 1563 Views
  • 1 replies
  • 0 Likes

SSL decryption and AppID

Today we use "ssl" AppID in firewall rules. In case we would enable SSL decryption, is it needed to add the AppIDs of the decrypted traffic to the firewall rules, e.g. web-browsing, java, flash, or is the AppID staying "ssl" even when traffic is decrypted?

Anon1 by L4 Transporter
  • 15248 Views
  • 10 replies
  • 0 Likes

Resolved! Configure second DUO for PA firewall MFA

We have configured a DUO Proxy server for PA firewall MFA and it works. We also configured the second DUO proxy server for redundancy. However, we don't know how to configure PA firewall to failover to the second DUO in a case the primary DUO proxy server is down. Any help?

boblin by L2 Linker
  • 9523 Views
  • 16 replies
  • 0 Likes

10.0.4.vm.eval shutting down - vmware workstation

Anyone had luck running 10.0.4 vm eval on vmware workstation? It shuts down right after initial startup, before I get a chance to login in console. There's more than enough CPU/RAM/Storage. Network Adapters are configured properly. 10.0.0 vm works fine in the same workstation. However my 10.0.0 doesn't have eval license, so limited functionality...

PanOS 11.0.1 DHCPv6 issues after reboot

Hi everyone, I configured a PA440 as a DHCPv6 Client and a Fritzbox 3390 as the DHCPv6 Server (with IA_PD & IA_NA). I also configured an inherited interface. The configuration is the same as here: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/dhcpv6-client-with-prefix-delegation I experienced some ...

JanHend by L0 Member
  • 3920 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Decryption Session is Full

Hello all, When the SSL Decryption Session is full, the customer asks how the non-decryption traffic is handled.We need information about whether the lack of resources is causing random drops or not being affected.The current model is VM-700, VM-300 and the OS is 9.1.14. CPU and Memory are set to Allow maximum.Kind regards,

Application Catagory is not working

Hi Team, We are facing issue with the firewall policy is not working, we have a backup server(Acronics) that we neeet to allow communicaion between agent and server we have create a access policy for the communication but once we remove the contom application from the access rule it is working fine but once we add thoes respective applica...

VINAYAKJ by L0 Member
  • 2195 Views
  • 1 replies
  • 0 Likes

Customer portal login Issue

Geeting message "Your membership has expired or has not been approved, please contact Palo Alto Networks Support." while trying to raise Case in palo alto network portal.

PrabhuC by L0 Member
  • 2671 Views
  • 3 replies
  • 0 Likes

GlobalProtect error message mfc120.dll is missing during upgrade

We have recently rolled out GlobalProtect version 3.1.1 and have started to see the following error message on some users machines during the upgrade: "The program can't start because mfc120.dll is missing from your computer. Try reinstalling the program to fix the problem." The program mentioned is PanGPS.exe. The file mfc120.dll is part of on...

TKapKopp by L2 Linker
  • 12063 Views
  • 5 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks