If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users.
In the past six
...
Hello, I've got a PA-3020, but I don't have license. What do I lose without the product license? Only support? I would like to know.
Hi All,
We have a problem with the report data on Solarwinds. We are running a multi-vsys Palo Alto 5220 with bgp connectivity to a router and need to run bandwidth reports on all vsys. All Vsys have at least 2 BGP Peering for inside and outside on 2
...
Hello All,
I have a customer that requested the information below:
"We have recently discovered that apple is moving to Akamai for services like App store and IOS updates. Would you happen to know if Akamai has an API for the ip addresses so we
...
Bit of history. We, our system architect, deployed GlobalProtect prior to covid and work from home. He set it up using SAML and no RADIUS. 5mo into work from home and most users have been required to change their passwords if not all of them. To
...
Can anyone please confirm if below is the expected behavior of the GP Android App with internal gateway on Chromebook?
When inside the network with internal host detection GP greys out. Using GP 5.2.2
If GP greys out after connecting does this mean th
...
I've got a rule that allows the following applications from any source in our trusted zone out to any destination in the untrust zone.
Dear All,
First, I would like to thank the community for help us a lot of time. i have a question, is their feature in Palo Alto to inspect the internal traffic (IDS and IPS)?
Hi All,
Just some queries,
1) what is the difference between the App base rule and Service base rule?
2) For security purpose which one is a more secure app or service base rule?
3) What is the benefit of using App base rules?
Thanks in advance.
I am spinning up a new 820 HA pair and on my last site I am getting an error when downloading the OS and dynamic updates. The other site work fine. I am getting the following error:
We got certificate tree like this:
the public certificate (Trusted root CA) from Digicert, Intermediate cert (Digi root) and then the SSL/TLS cert (DigiVPN). This DigiVPN is going to expire soon and we use it for GP portal and GW. The server cert is b
...
Hello,
From what I understand, when creating a tunnel monitor between two PA devices it's best to assign IP addresses on the same segment to the tunnel interface on each side. The monitor is then setup with the remote destination on each side.
Examp
...
Hello friends,
I would like to know expected issues if we enable ssl forward proxy to a production environment. There are services allowed with different ports , web services and all working fine now. As this is first time am planning to enable for
...
Hi,
We need to add secondary PA-220 to existing (production) standalone PA-220 and make it has Active/Standby. Trust interface on PA will be trunk with two sub-interfaces. Both the PA trust interfaces are going to connect downstream Core switch. Core
Is there a way to export a deactivated GlobalProtect client MSI installer from the firewall or download a version from the support website? A client also has a palo alto firewall, but is on a different client version than what I use internally. The
...
Hello All,
I am facing issue to export traffic logs from the firewall in CSV format. getting the error "no jobs query found".
Troubleshooting:-
* Increased the CSV row number up to 1048576.
* I can export URL filtering logs, security policy, NAT policy
...
on:
reaching Session Count Limit
on:
no valid content package exists
on:
Issue with network driver of PAN-OS 10.1.3 deployed in azure
on:
SNMP OID for identifying if an power supply had failed or removed from the firewall
on:
Traffic cannot return
