This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4431 Views
  • 0 replies
  • 0 Likes

Resolved! Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not re

Device registration auth key is required for on-boarding firewall running PAN-OS 10.1 and above. All firewalls running PAN-OS 10.0 and lower do not require or support device registration auth key. You can use the button below to create OR copy the default auth key valid for 24 hours for any firewall you onboard OR go to Panorama->Device Regis...

ZhouYu by L2 Linker
  • 5926 Views
  • 1 replies
  • 0 Likes

SSO with macOS devices

Can anyone tell me if there is a supported method or a known workflow to have Global Protect automatically sign in sign in to the current user account with locally domain bound macOS devices? Similar to the way we are able to do this with Windows PC's. On our Windows PC's that are joined to our on premise domain we are able to use the SSO featur...

Connect automatically to Global Protect using OKTA cred

Hi, Thought it might be worth asking here, maybe you can help me 🙂 We're using Prisma Access and the Global Protect client to log in to VPN. We're also using OKTA to authenticate. Is there any way to somehow automate the login to the client, and maybe in a way, somehow enforce the login? We basically want all of our users to keep login into G...

nivhovav by L0 Member
  • 3028 Views
  • 2 replies
  • 0 Likes

Downgraded software

I downgraded 5220 from 10.1 to 9.1.14h4 and once rebooted fan wont stop starting and stopping. Also can’t commit says communication error happened during configuration to dataplane

mlindsey by L0 Member
  • 2128 Views
  • 2 replies
  • 0 Likes

The Cortex UX Research Lab Is Seeking Participants!

Hello LIVEcommunity! The Cortex team is currently developing a significant UX research effort, the Cortex UX Research Lab, for all aspects of Cortex. As a part of that, we need you — the user — to help us best understand how people use our products and other security products in the real world, as well as test and give feedback on all manner...

Screen Shot 2023-01-17 at 9.59.01 AM.png
JayGolf by Community Team Member
  • 2935 Views
  • 2 replies
  • 1 Likes

Pre Logon then On Demand

Hi All, I have a question regarding Pre-Logon and then on demand. A client has reported they have setup pre-logon tunnel rename timeout to 90 secs. After the client logs in, the GP client goes into a disconnecting state and never times out. Client has to select refresh connection to resolve the issue, and then login manually. I have tested in o...

Ben-Price by L4 Transporter
  • 6156 Views
  • 5 replies
  • 0 Likes

Resolved! Secuity Profile Question

I would like to test the virus file through the PA firewall. But PA firewall is no configure any security profile. May I know is it defected by Palo Alto? Such as found by threat log?

WingMak by L1 Bithead
  • 3431 Views
  • 5 replies
  • 0 Likes

Syslog within a Multiple Vsys environment

Hi All, I have a pair of 5220's, running version 10.0.7 and we are running multiple vsys's on it. We need to set up syslog on one particular vsys to send log data to a service within that environment. I have configured this but the syslog data seems to be heading out of the management interface and not the designated interface. For configuration...

a.jones by L3 Networker
  • 3832 Views
  • 2 replies
  • 2 Likes

PAN-OS dark mode

Hi guys, I work a lot at night and all portals and tools, from Azure Portal, Office 365 Admin Portal, Slack and even Gmail have a Dark Mode, and it really makes the experience a lot better for your eyes. I use dark mode for everything, but spending long hours in PAN-OS with the bright white GUI isn't the best experience at night for your eyes. S...

Tool to generate 'phash' style hashed passwords?

We have a need to create password hashes offline, is there a tool or script available to take a cleartext password and generate a phash?For example, the audit team wants to be able to select a password and generate the hash, so we can later paste into a firewall when provisioning the 'audit' user, even though I would never know what their passwo...

snocc by L0 Member
  • 21471 Views
  • 6 replies
  • 0 Likes

Resolved! Can I have a static bi-directional NAT rule and a PAT rule working together?

Hi, I currently have a static NAT bi-directional policy, number 6 in the screenshot, that publishes an internal server (LAB-Skype) on Internet using a public IP (LAB-Skype-pub). This works fine. Now I need to add an exception for port 443 for that public IP, which needs to be redirected to port 4443 towards the same internal server. I tried ...

Commit Warning for Antispyware

Hi guys,Trust all is well. After the firewall upgrade to version 10.2.1/ 10.2.2, we are getting the following errors after each firewall. Changes/commits are executed successfully. And everything seems to be working without problems. Warning: spyware-profile AntiSpy-Alarm-Only(id: 251) is considered duplicate of AntiSpy-D(id: 258)Warning: spyw...

The existing DNS servers and LDAP server is reachable by the management interface. The additional set of DNS servers and LDAP server setup will have t

Hi Team, The existing DNS servers and LDAP server is reachable by the management interface. The additional set of DNS servers and LDAP server setup will have to access via an interface other than the management interface. Could someone please assist me on this (PA-5220s in a HA configuration). Thanks you

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks