General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

PA Firewall Performance Chart

Spoiler

Looking at the comparison chart, if I was interested in the 3430 and I use SSL decryption, threat prevention\wildfire\URL filtering and IPSEC vpn does that mean I would get roughly 9/2 Gbps or 12.2 Gbps?

Looking at the comparison chart, if I wa

...

WMI On server 2022 for USER-ID

Hi There,

Have a pair of PA-3220s. User-ID was working swimmingly. Recently upgraded our DCs to Windows Server 2022 and WMI is routinely failing and showing "Not connected" under server monitor.

Doing some reading on WMI and Server 2022, and it sound

...

Resolved! SSL certificate for passive firewall

There is an active passive pair having SSL certificate (management only) with different CNAMES (its own management IP).

While the CSR generation and certificate import (signed by ECA) is successful on active peer, the CSR generated on passive peer is

...

Resolved! IPSEC VPN - app-id

Hello all,

We have a software ipsec connection that will be between an inside server and a server in the cloud. The PA will just be a pass through so to speak, (nating and security rule).

The ipsec requires UDP 500 and 4500 and the IP 50 protocol. Do y

...

PA-5200 MIB file for SNMPv3 need them for monitoring

PA-5200 MIB file for SNMPv3 I need them for monitoring I find them here:

https://docs.paloaltonetworks.com/resources/snmp-mib-files.html

but the file type is .md5 and .my, but I need file type .mib or .smi to work in the monitoring software.

Where I ca

...

Bulk way to search logs for many IPs?

I have a list of over a 100 IP addresses that I would like to search logs to see if there has been any activity. Is there a way to search the logs files by feeding the FW a file containing the IP addresses? Thank you.

Resolved! using Azure MFA with Global Protect

Hello,

To configure Global Protect to use our already Existing MS MFA server, I followed this KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkkCAC

I think I had to do one or two extra things as well, but in any case

...

Extending Eval license

Hi there,

My Eval Request is going to be expired soon, and I'd like to extend it for another 60 days but I don't know how?

Could someone please advise me how to extend my Palo Alto Eval license ? As I can't see any options in Palo Alto portal for lic

...

design help

Hi all ,

I have the above topology , Now the question where should iI keep the dmz zone

on edge firewall or dc firewall

Thanks

Slow internet behind firewall Pan OS 10.0

internet speed is dropping after passing through palo alto firewall

FQDN resolution failures in Palo Alto

Hello

We are experiencing FQDN resolution failures in Palo Alto.

The Palo Alto has connection to the internal DNS; however, it does not resolve the FQDNs.

Please could you help us to verify this issue.

Regards

Server load balancing

Hi,

I have 3 servers with http service in a LAN network. How can I set up a server load balancing on the firewall?

Regards

URL Filtering For Inbound Servers

Hi Team,

will it actually make sense to apply the URL Filtering for the Inbound traffic to our Internal Server?

CPS average for DDos protection configuration

Hello Team,

I have a problem with the choice of CPS average value. When i made the command show session info which parameter I have to consider to calculate my CPS rate average ? Number of allocated sessions or packet rate or New connection establish

...

Palo Alto - dot1q tag Errors with Meraki switch

Hi,

First post on the Palo Alto side for me. Used to post a lot on the Cisco Support Community forums 

I thought I would ask around here if anyone had any ideas what might be causing this problem before I go ahead with some more troubleshooting myse

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

PA Firewall Performance Chart

WMI On server 2022 for USER-ID

Resolved! SSL certificate for passive firewall

Resolved! IPSEC VPN - app-id

PA-5200 MIB file for SNMPv3 need them for monitoring

Bulk way to search logs for many IPs?

Resolved! using Azure MFA with Global Protect

Extending Eval license

design help

Slow internet behind firewall Pan OS 10.0

FQDN resolution failures in Palo Alto

Server load balancing

URL Filtering For Inbound Servers

CPS average for DDos protection configuration

Palo Alto - dot1q tag Errors with Meraki switch

PA not be able to access internet

SSO Palo Alto Support Portal

IPv6 on public interface

Template- Variable CSV greyed out

Can't find the "Republic of Kosovo" in the "Firewall Region Code Legend"

Re: Allow all web addresses with .gov and .edu extensions

Re: Wildcard URL for Non-HTTP/HTTPS traffic

Re: SSL Inspection issues with GlobalProtect users

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Re: Commit error After PANOS10.1.10 upgrade

Unlock your full community experience!

Resolved! SSL certificate for passive firewall

Resolved! IPSEC VPN - app-id

Resolved! using Azure MFA with Global Protect