This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4124 Views
  • 0 replies
  • 0 Likes

SAML Authentication Profile not popuating IdP Server Profiles

I am trying to configure a SAML Authentication Profile but the IdP Server Profile is not populating with my Imported SAML Metdata Identity Provider. When I click import on the page it imports another profile but still does not show up. Any ideas? Not Using Panorama Version 10.2.3

Resolved! FW Ha Cluster disconnected from Panorama

Dear all, i m having an issue with a FW HA Cluster that is continuosly disconnecting from Panorama. I m able to make them connected by issuing a local commit, but after a day less or more, both the FWs are in a Disconnected state again. There is no communication issue beetween FWs and Panorama: show netstat all yes numeric-hosts yes nume...

AndreaB by L1 Bithead
  • 2898 Views
  • 4 replies
  • 1 Likes

Linux/Iphone devices not working splitunneling

Hi, Im seeing traffic logs with linux/Iphone devices going to internet through our tunnel GP, when internet access should be local. Is there any issue with routes GP in linux/apple devices? In windows is working fine

BigPalo by L4 Transporter
  • 849 Views
  • 2 replies
  • 0 Likes

vSYS is expired

Hello, We are running a pair of PA-VM firewalls in HA mode We have noticed that an expired Virtual Systems (VSYS) license is still showing under our licenses, even though we only use the default vsys1 All othere subscribtion are running as usual. except this error which I don't know how to remove it ! or even renew it !! Thank you for ...

Zurattos by L1 Bithead
  • 671 Views
  • 1 replies
  • 0 Likes

Resolved! Confirming Upgrade Path

Hello everyone, I just wanted to clarify/confirm the proper upgrade path to latest preferred 11.0.2-h2. We are currently on version 9.1.12-h3. From what I have gathered, would the below steps be the proper steps and path? 1. Download and install 9.1.16-h3 2. Download 10.0.0 3. Download and install 10.1.10-h2 4. Download 10.2.0 5. Downlo...

Resolved! UserID Agent version compatbility

Hello, I'm currently working through the Certificate Advisory. We currently have firewalls running 10.1.11, user-ID agent is 10.1.1-102. Started an upgraded firewalls to current preferred version of 10.1.13h1. The issue I have is I am simultaneously trying to introduce PA-1410 firewalls into Panorama for management. PA-1410 does not supp...

Issues with Device Telemetry

I have an HA pair (active/passive) of PA3250s (no Panorama) and just recently upgraded to PanOS 10.0.6 from 9.1.9. I configured the device telemetry and downloaded the new certificates for both firewalls. Telemetry is working great on my primary firewall, however, the secondary is failing every time with the error code "CDL Receiver Key Empty". ...

cdlkey.PNG

SNMP (V3) not working on MGMT Interface

PAN-OS: 10.1.6-h6 Issue: SNMP (V3) not working on Management Interface. Description: Customer have configured SNMP monitoring from Logic Monitor and Palo Alto but and its working fine for Dataplane interface but if we change it to management interface its not working and getting the error message as below. Troubleshooting Done: 1. Checked t...

Purushotham_0-1713112831485.png

How to allowlist a file form wildfire-virus

We have a file (Filex.exe) that is throwing blocks of the following type Threat Type wildfire-virus Threat ID/Name trojan/Win32 EXE.crypt.aexg ID 213019932 (View in Threat Vault) How do I add this exclude this file from alerting? I went into Object > Security Objects > Antivirus > the profile > ...

Verac22 by L2 Linker
  • 1597 Views
  • 5 replies
  • 0 Likes

Resolved! No "certificate used by" field when generating certs for SSL forward trust and untrust?

I'm configuring a SSL decryption POC and I'm running into an issue where when I generate or import a certificate for either my forward trust or untrust cert, I don't see a field to specify that I want this cert to be used for those purposes. In the documention, I see this: For Certificate Use For, select Forward Untrust Certificate. But I n...

Domain/IP categorisation

Hi all,I am using a PA-5250 with PAN-OS 11.1.6-h10. Our environment makes use of the automated correlation engine correlated events. So for example we get alerts like this one: Host repeatedly visited uncategorized domain (6 times), and performed EXE downloads from these domains. The hosts that are responsible f...

PA-445 stability?

Anyone else having issues with PA-445 stability? We're doing our 2nd RMA in less than 6 months on a PA-445 that just randomly restarts. It's on dual independent electrical circuits (with UPSs). After the first RMA it did it again and support said it needed an updated OS to resolved the issue (11.1.4). Same issue again (still on 11.1.4) and this ...

Identify users (UIA) authenticating with SAML

HI, We have some users authenticating with SAML (EntraID) but these users are not being identifing in UIA. Is possible to get the info in UIA and palo about users authenticating in SAML? any idea or KB?

BigPalo by L4 Transporter
  • 557 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks