This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Zone protection for VM series

Hi everyone, I was looking for PA best practices for VM series' zone protection but only found documents that talked about physical PA. 1. Are physical and VM series zone protection the same? could you point me where the docs for these are? 2. Under zone protection profile, flood protection, and SYN, there are 2 options 'Random Early Drop' ...

tinhnho by L3 Networker
  • 4603 Views
  • 6 replies
  • 0 Likes

Logging of allowed URL attempts without allowing other traffic

Here is a simple example on what I am basically trying to do. We have two rules that allow access to certain domains. Rule 1 : Allow access to domainX.com Source: LANDestination: IP-Group Security Profile: URL Filtering (Base-URL-Filtering-Profile) Rule 2 : Allow access to domainY.com Source: LANDestination: Any Destination URL Category: D...

User868 by L1 Bithead
  • 1563 Views
  • 1 replies
  • 0 Likes

SSL decryption and AppID

Today we use "ssl" AppID in firewall rules. In case we would enable SSL decryption, is it needed to add the AppIDs of the decrypted traffic to the firewall rules, e.g. web-browsing, java, flash, or is the AppID staying "ssl" even when traffic is decrypted?

Anon1 by L4 Transporter
  • 15234 Views
  • 10 replies
  • 0 Likes

Resolved! Configure second DUO for PA firewall MFA

We have configured a DUO Proxy server for PA firewall MFA and it works. We also configured the second DUO proxy server for redundancy. However, we don't know how to configure PA firewall to failover to the second DUO in a case the primary DUO proxy server is down. Any help?

boblin by L2 Linker
  • 9513 Views
  • 16 replies
  • 0 Likes

10.0.4.vm.eval shutting down - vmware workstation

Anyone had luck running 10.0.4 vm eval on vmware workstation? It shuts down right after initial startup, before I get a chance to login in console. There's more than enough CPU/RAM/Storage. Network Adapters are configured properly. 10.0.0 vm works fine in the same workstation. However my 10.0.0 doesn't have eval license, so limited functionality...

PanOS 11.0.1 DHCPv6 issues after reboot

Hi everyone, I configured a PA440 as a DHCPv6 Client and a Fritzbox 3390 as the DHCPv6 Server (with IA_PD & IA_NA). I also configured an inherited interface. The configuration is the same as here: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/dhcpv6-client-with-prefix-delegation I experienced some ...

JanHend by L0 Member
  • 3916 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Decryption Session is Full

Hello all, When the SSL Decryption Session is full, the customer asks how the non-decryption traffic is handled.We need information about whether the lack of resources is causing random drops or not being affected.The current model is VM-700, VM-300 and the OS is 9.1.14. CPU and Memory are set to Allow maximum.Kind regards,

Application Catagory is not working

Hi Team, We are facing issue with the firewall policy is not working, we have a backup server(Acronics) that we neeet to allow communicaion between agent and server we have create a access policy for the communication but once we remove the contom application from the access rule it is working fine but once we add thoes respective applica...

VINAYAKJ by L0 Member
  • 2192 Views
  • 1 replies
  • 0 Likes

Customer portal login Issue

Geeting message "Your membership has expired or has not been approved, please contact Palo Alto Networks Support." while trying to raise Case in palo alto network portal.

PrabhuC by L0 Member
  • 2667 Views
  • 3 replies
  • 0 Likes

GlobalProtect error message mfc120.dll is missing during upgrade

We have recently rolled out GlobalProtect version 3.1.1 and have started to see the following error message on some users machines during the upgrade: "The program can't start because mfc120.dll is missing from your computer. Try reinstalling the program to fix the problem." The program mentioned is PanGPS.exe. The file mfc120.dll is part of on...

TKapKopp by L2 Linker
  • 12059 Views
  • 5 replies
  • 0 Likes

Symmetric return with ECMP not working

Hi All, We have dual ISP setup, and to load-balance the traffic we are using ECMP with static routes, and it works fine for the internet bound connections and traffic gets load-balanced. We however face issues with connection to our VPN servers in the DMZ. They are used by remote users to create a RA-VPN tunnel with the VPN servers from internet...

VarunRao_0-1614133551857.png
VarunRao by L2 Linker
  • 9236 Views
  • 5 replies
  • 1 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks