This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

Policy creation/management

Hi Folks, We have a running sites where firewall running and managing through panorama. clients building a new sites and new firewall deployments however panorama will be remain same and policy will be the same just few sub-nets needs to be changed. there are many policy in exiting firewalls/panorama. Is there any way to copy existing policy i...

Resolved! Multi-Factor Input Code Field Displays incorrectly

PA 3220 V 10.2 When setting up and testing MFA if you choose SMS/Input Code when the page displays the box is one field only as shown in the browser picture (Chrome/FF/IE. It doesn't show your characters being typed which is hard for user. At first we thought is wasn't 'modernized' but if you download the response page and then open it as .htm...

sallen by L1 Bithead
  • 3181 Views
  • 1 replies
  • 0 Likes

OTP authentication with GlobalProtect

Hello all,The customer has an inquiry about OTP authentication when logging in to the GP after booting the PC. When I log in again after disconnecting, I can log in without OTP authentication (session authentication is maintained), so is there any way to set up OTP authentication every time I disconnect? 

The authentication method is Azure SAML...

Resolved! How do you see what cipher suites are enabled for Global Protect?

How can I view which cipher suites are currently enabled for Global Protect SSL connectivity? I see in the document below which are supported but now how to view which are enabled/ready for negotiation nor how to disable/enable specific ones. https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites/cipher-suites-supported...

User Mapping - AD access denied

Hello all, You are using Microsoft Active Directory, but you receive the following error log: Useridd.log > Error: pan_user_id_win_wmic_log_query(pan_user_id_win.c:1603): log query for AD_3 failed: NTSTATUS: NT_STATUS_ACCESS_DENIED - Access denied 2023-02-08 06:54:00.114 +0900 Error: pan_user_id_win_get_error_status(pan_user_id_win.c:128...

Resolved! Global Protect Support for Sequence Authentication with Local y SAML ( Azure-AD )

Global Protect Support for Sequence Authentication with Local y SAML ( Azure-AD ) Hello Live comunity, good afternoon, as I always say, thanks for the good vibes, for your time and for the collaboration. Is it feasible to use Global Protect, with a sequence authentication profile that allows SAML authentication ( Azure AD ) and local users ?...

Metgatz by L4 Transporter
  • 2485 Views
  • 1 replies
  • 0 Likes

User-ID: User-IP mapping is 'unknown' for some AD users

Hi Everyone, We are facing issue with Agentbased User-ID agent 10.1.0-21 and the PanOS version 10.0.1 User-IP-Mapping shows unknown for some of the users. >show user ip-user-mapping ip x.x.x.x IP address: x.x.x.x (vsys1)User: unknownFrom: UnknownIdle Timeout: 0sMax. TTL: 3sHIP Query: Disabled >tail follow yes mp-log useridd.log 2023-...

Resolved! DNAT FW Palo Alto - Double NAT

DNAT Support - FW Palo Alto - Double NAT Hello Lice Community good afternoon, first of all, thanks for the support and collaboration always. I have received a very strange request, I have tried to configure it by trying many ways and nothing. What does a client/costumer want: Dnat with double Nat ie. Internet ======= Palo Alto Public IP ...

Metgatz by L4 Transporter
  • 4646 Views
  • 4 replies
  • 0 Likes

Resolved! Unknown additional fields in GlobalProtect logs

v I am building a parser for our SIEM for GlobalProtect and have found something odd. The GlobalProtect logs have 12 more fields than the PanOS Administrators Guide labels. What are the additional 12 fields called?This is a GlobalProtect Log : 1,2023/02/09 10:25:54,REDACTED,GLOBALPROTECT,0,2562,2023/02/09 10:25:54,vsys1,portal-auth,login,saml,,R...

oahuliam by L0 Member
  • 3361 Views
  • 2 replies
  • 0 Likes

Vulnerability Protection profile alters APP-ID behavior

Hello everybody, while writing some articles on our company wiki, I found a strange behavior of the firewall. This is my environment: PA model: PA-820 PAN-OS version: 10.1.8 APP/Threat version: 8653-7756 Decryption: SSL inbound enabled I have a policy that allows access to the wiki with applications ssl and web-browsing. When no vulnerab...

grenzi by L3 Networker
  • 4684 Views
  • 2 replies
  • 0 Likes

How to get AV definition of multiple machines at one go

Hi Team, I'm checking one incident where I got multiple machine names. Now I want to check AV details of all the machines at one go. I'm using "sep-endpoints-info" automation to get those details. It is working fine when the input is only one machine. If the input field contains multiple machines, it is not fetching results properly. Can you...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks