This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Resolved! Allowing ms-update on app-default, File blocking PE and therefore no windows updates

Me again and file blocking per PA best practice (PE, multi-level, etc..) and allowing ms-update on application default. However the WSUS server is not able to download any updates and its classifying a PE file as a threat. The file in question is am_delta_patch_1.249.1313.0_52b04aae0eb450654fc89884b43d10b7ed5 and threat-id is 52060 but nothing...

pa-threat-pe.JPG
drewdown by L4 Transporter
  • 54267 Views
  • 14 replies
  • 0 Likes

PA--820 Power Supply Voltage In (Vin) Voltage and Frequency Range

Hello, I am looking for the exact specification of the PA-820 PSU Voltage and Frequency range, as I need to install the device in mobile asset where the ranges may fluctuate within certain parameters. Due the environment that the units will be deployed in we need to better understand the tolerances of this PSU and I am hoping that there is ...

Steve-P by L0 Member
  • 2585 Views
  • 3 replies
  • 0 Likes

Query regarding the default state of FPGA on PA-3060: What's the output of the command "debug dataplane fpga state" running on PAN-OS 9.1.7 or above?

Dear Community Members, I hope someone will be able to help me out to confirm the default FPGA states on the PA-3060 appliance and supply some additional info on this matter? As per the knowledgebase article (CAN THE CONTENT INSPECTION PERFORM ONLY IN SOFTWARE OR HARDWARE ON PA-3000 SERIES FIREWALLS?) I see that the used algorithms are: AHO - Ha...

Resolved! Cannot create a support account

So I have bought the Palo Alto Firewall Bundle in the AWS Marketplace and was registering a support account, but when I log in the I get the following message:UnAuthorized AccessYour email address, **********, was not found in the support portal. Please make sure to sign in with an email address that is associated with a support portal account. ...

s.nguyen by L0 Member
  • 3097 Views
  • 3 replies
  • 0 Likes

Resolved! What is multi-vsys firewalls?

Hi guys, What is multi-vsys firewalls? Why do we need multi-vsys firewalls? What are cons and pros of using multi-vsys firewalls? Could I get some cases that needs multi-vsys firewalls? AS of now, my panorama has default vsys is vsys1 for the templates. Thanks.

tinhnho by L3 Networker
  • 11417 Views
  • 7 replies
  • 0 Likes

dhcp on L3 or Vlan interface

Using our pa firewall connected to our ISP modem (in bridge mode) its working fine. But I have a zone called guest that I want to have dhcp clients on that will be separate from my trust network. I want to be able to have those guests on DHCP from the Palo. Do I configure that guest interface as L3 or Vlan?

roma by L2 Linker
  • 2930 Views
  • 4 replies
  • 0 Likes

duplicate ipsec tunnels

Hello Comunity, I have a weird issue, we upgrade a cluster to 10.1.5-h1 from a 9.1 version, after the upgrade on the gui i see all the ipsec tunnels duplicated for example i had an ipsec tunnel called vpn_consult, after the upgrade i had 2 ipsec tunnels called vpn_consult, all the tunnels are working, and in the merge-running-config.xml, i see a...

SSL Inbound decryption -Decryption error

One of my application is not decrypted i have applied SSL inbound decryption policy and got decryption-error.On other hand another application with same intermediate certificate having decrypted. As same intermediate only child certificate is change.

Untitled.png

Resolved! Adding a firewall back into a AP cluster that has outdated network and device settings

Hi All, I'm curious if anyone can provide an article or just some basic steps of adding a firewall back into a AP cluster that has "outdated" network and device settings. Firewall-02 was moved to a new location and has a new IP scheme for the network and device settings. Firewall-01 will be physically moved and needs to rejoin the cluster, b...

Resolved! HA Failover Hold Timers?

Hi folks, I will be configuing my first Active/Passive HA next weekend on two PA 3020 devices. I am trying to understand the difference between Monitor Hold Time for HA1 link and Monitor Fail Hold Down Time for the Active/Passive settings. Could anyone equate these settings to what would happen in a typical Active/Passive failover?Ex. Active fa...

HAtimer1.jpg
HAtimer2.jpg
OMatlock by L4 Transporter
  • 12224 Views
  • 4 replies
  • 1 Likes

Premium support contracts

I would like to open a case to verify our current support contracts. I need to know about premium supports if still covered for Hardware replacement and software maintenance? Here is my support account ID 23384 Thanks,

jgascon by L0 Member
  • 1554 Views
  • 1 replies
  • 0 Likes

Resolved! Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not re

Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not require or support device registration auth key. You can use the button below to create OR copy the default auth key valid for 24 hours for any firewall you onboard OR go to Panorama->Device Regis...

ZhouYu by L2 Linker
  • 5675 Views
  • 1 replies
  • 0 Likes

SSO with macOS devices

Can anyone tell me if there is a supported method or a known workflow to have Global Protect automatically sign in sign in to the current user account with locally domain bound macOS devices? Similar to the way we are able to do this with Windows PC's. On our Windows PC's that are joined to our on premise domain we are able to use the SSO featur...

Connect automatically to Global Protect using OKTA cred

Hi, Thought it might be worth asking here, maybe you can help me 🙂 We're using Prisma Access and the Global Protect client to log in to VPN. We're also using OKTA to authenticate. Is there any way to somehow automate the login to the client, and maybe in a way, somehow enforce the login? We basically want all of our users to keep login into G...

nivhovav by L0 Member
  • 2935 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks