This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4257 Views
  • 0 replies
  • 0 Likes

What is the difference in function between the Global Protect Content Filter and the Cortex XDR content filter

On Mac (but I assume something similar exists on PC), both Cortex XDR and Global Protect install a content filter agent. What is the differnce in function between these 2 agents? If I remove the Global Protect agent do I still benefit from the same level of protection solely with the Cortex XDR agent?

MMoerman by L0 Member
  • 2512 Views
  • 2 replies
  • 0 Likes

pan os 10.2.4 advanced routing engine static route issues, a bug?

Hi guys, I have logged the case with palo alto with 'no issues found' response I would like to ask if anyone can kindly test for me I have converted to an advanced routing engine (pan os 10.2.4) conversion when fine, no issues, green light upon conversion results all my static routes stopped working after that, they are like being ignore...

nevolex by L3 Networker
  • 2312 Views
  • 1 replies
  • 0 Likes

SCEP for firewall device cert?

We do not currently have SCEP set up in our environment nor are we familiar with it. But if we did have it set up would our PA firewalls be able to request a cert that we could then use in a SSL/TLS service profile to have a secure connection between our computers and the mgmt gui of the PA? Deploy Certificates Using SCEP (paloaltonetworks.com...

Claw4609 by L5 Sessionator
  • 2500 Views
  • 1 replies
  • 0 Likes

Resolved! URL Blank in Traffic Logs

The traffic logs for our PAs almost never actually show a URL, despite the URL category getting properly assigned. The only time I ever see a URL show up in the logs is if it is specifically denied because of the URL category, which is fairly rare. If they are allowed, or blocked based on something else like application, no URL shows. Is this ex...

Resolved! Accessing A New Palo Alto Firewall In The GCP

Experts., We have a virtual Palo Alto firewall (BYOL) in the GCP and were able to change password using the initial access and the ppk file.We provisioned one more VM firewall in same GCP setup, however this time we are unable to recreate the steps we had done earlier After the instance is provisioned we have configured ssh key in GCP and from o...

kgsd2019 by L1 Bithead
  • 7789 Views
  • 7 replies
  • 0 Likes

Resolved! About User-ID Agent

Hello, I've been practicing Palo Alto lately, I'm having trouble setting up "User-ID Agent"...This is my simple structure : I set up "AD server" and "User-ID Agent" on the same Winserver I also added Win10 to domain, and gave it an account (michael) But I don't know why "User-IS Agent" always identify the IP of "michael" as 10.20.54.52 ,inste...

young19918_1-1681749791819.png
young19918_2-1681750176934.png

Issue with finding palo alto self-signed certificate under certificate menu

Hi there, Management web is using palo alto self signed certificate but I'm not able to find it under certificate menu in device section. Any one has faced this issue before? It should be somewhere in configuration refer to self-signed certificate, if I want to create a self-signed certificate by myself I'm able to see that certificate under...

MBashiri by L0 Member
  • 1371 Views
  • 1 replies
  • 0 Likes

Connect same VLAN to multiple V-SYS

Hi All, We have a PA-5220 firewall cluster which has running multiple V-SYS itself. The firewall is connected to the up stream router thru a port channel. On the up-stream router VLAN 10 is allocated to the WAN-IP range. I need to extend that VLAN 10 to the V-SYS A and V-SYS B so I can can assign the respective public IP addresses to the diffe...

PBF not working with DNAT policy for server

Dear Team, We have 5 ISPs and we have configured PBF for a group of IPs/networks. We observed while routing the server from X ISP to Y ISP, the server which is published on X ISP becomes inaccessible. Request you please help to resolve the issue on a priority basis.

VINAYAKJ by L0 Member
  • 1223 Views
  • 1 replies
  • 0 Likes

Resolved! USER-ID mapping by firewall

Hi All, Consider there is an user (xyz@example.com) is accessing some network for which communication is allowed in firewall based on USER-ID rules. If the User(xyz@example.com) at the same times access the allowed sites by using two different IP address, will the communication from both the machines would be allowed.

Sujanya by L3 Networker
  • 1738 Views
  • 1 replies
  • 0 Likes

SNMP Counter issue

Hello everyone I am having a problem with SNMP requests on my palo-alto. My issue is the following I don't see any traffic on the physical interfaces of the palo alto, the traffic remains at 0 I can clearly see the traffic on the virtual interface (VLAN). I am on zabbix My palo alto is a PA-440

LCutman by L1 Bithead
  • 1457 Views
  • 1 replies
  • 0 Likes

Panorama config export fail. Host key verification fails

When I try and configure a scheduled config export the connection fails. I get a message the RSA host key differs and asked to confirm adding the key. This is a loop and always asks to add the key. If I try to remove all the known host keys the command ( delete user-file ssh-known-hosts) completes but does not seem to delete anything. The sa...

Rawilson by L0 Member
  • 2581 Views
  • 1 replies
  • 1 Likes

comments in cli

Hi I have a text file with PANOS command line arguments (set) what character defines a comment line ? is there one ?

Alex_Samad by L4 Transporter
  • 15975 Views
  • 11 replies
  • 1 Likes

Resolved! PA is connected to a router

Hi PA(non-management interface) is connected to a router via a cable . What is minimus condition for the two device to ping each other? 1. ip address in interface are in same subnet, 2. interface associated with management profile to allow ping 3. interface type is L3 Any else? The reason why i ask the question is the two device cannot s...

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks