This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Replacing HA Hardware

Hi All, I need to replace 3220 in HA to 1420 in HA. - The 3220 running 11.1.3-h3 - I installed 11.1.3-h3 on the new 1420s. - Installed the same version of the apps and threats. - exported the running config from the 3220 - imported the config to the 1420 and ran a commit. I read that i cannot run the HA with different platforms. Is there a way...

SFP Compatibility

hello tech enthusiast, I want to connect a fiber cable between two PA firwalls, thats what i did but i have the interface down on both ends even, and i dont know what to put as a SFP Plus, when i run the command show system state filter sys.s1.p6.phy i have a vendor-part-number: SFP-10G-LR-PO but when i do that on a working interface a have v...

Can`t proceed to customer support portal

The first i created an account for Customer support portal and I'm Stock with this Your account is currently waiting for your company’s Super User Approval. Access will not be provided until this approval is received. To help speed things along, you must reach out to your Super User for approval.You can click here to send your Super User a rem...

VM Trial License

HiI am trying to obtain a TRIAL LICENSE for a VM. I am using EVE-NG and need to set up a training lab. I dont want to associate it with' our current Palo Altos. How can i go about obtaining one? Thanks

mzedalis by L0 Member
  • 1874 Views
  • 3 replies
  • 0 Likes

Struggling to Unset Virtual Router from Interface via API – Manual Works, API Always Fails

Hi everyone, I’m working on automating Palo Alto firewall configuration via the API and I’ve run into a puzzling issue. What I’m Trying to Do: Unset the Virtual Router assigned to a specific Layer3 Ethernet interface (e.g., ae2.4008) using the API. Manually, I can easily go to the GUI and set the Virtual Router to none, and everything works ...

AK_20201 by L0 Member
  • 547 Views
  • 0 replies
  • 0 Likes

Renew Palo Alto Global Protect Certificate issued by Public CA

Dear All, I need some immediate assistance with this. Can you anyone help me out. We have a Palo Alto VPN Gateway at our office where client connect to the internal Network via Remote Access VPN. Now recenlty the certificate was expired the following is what I did. 1. Generated a Private key using OpenSSL. 2. Generated a CSR using that Pri...

Zone rename effects on Shared Policies

After a company acquisition we have inherited about 25 firewalls which I have recently migrated to a single Panorama instance, along with shared policies and templates, and in the process of building shared policies for the entire fleet. For the shared policies to work, zone names need to be consistent across about 40 odd gateways, unfortunatley...

Is there a need for a book on PAN-OS "Policy as Code" subject?

Dear All, I am looking to determine if there is a demand in the market for a guide to PAN-OS security policy automation ("policy as code"). There is plenty of reference information (https://pan.dev is always a good starting point) but there is no resource/book that would take one of the available automation frameworks and demonstrate how to ...

Assistance Required – Cybersecurity Fundamentals Certificate Not Unlocking

Hello Beacon Support Team, I recently completed the Cybersecurity Fundamentals course on Beacon. However, my progress is stuck on Module 4 even though I have already gone through all the lessons and quizzes. The platform keeps sending me back to Module 4, and my course completion status is not updating to 100%. Because of this, I’m unable to dow...

combiyke by L0 Member
  • 854 Views
  • 1 replies
  • 0 Likes

About CVSS version

Hello PaloAlto Networks Team, What version of CVSS is listed in Palo Alto Networks Security Advisories? Please tell me which version it is, such as CVSS v3 or v4. Regards,

IPSec HA Failover - Feature Request NSFR-I-26043

As of this post, Palo Alto Firewalls do not sync Phase 1 for IPSec Tunnels. If a remote end is using Dead Peer Detection, this will cause the tunnel to go down after a failover occurs and the remote end DPD hits its threshold. Since the Palo no longer has Phase 1, it cannot respond to the DPD. Despite Phase 2 being up and working, the DPD will p...

spapesh by L1 Bithead
  • 1522 Views
  • 2 replies
  • 1 Likes

Resolved! PCNSE Learning plan under maintenance

I have a question from my CBTS customer: they have a Network Security Engineer who has been going through the Beacon training in preparation for his PCNSE.At some point last month, the course he was working on was changed to "Learning plan under maintenance" . Any idea who I can go to in order to unlock the course or investigate what's going

kbettich by L0 Member
  • 1430 Views
  • 1 replies
  • 0 Likes

Resolved! Access Palo Alto HTML Files

Hello, our user want to deploy Palo Alto Firewall 3410 with Os 10.2.2, for security reason then they do the vulnerability assessment but using different device but with same OS 10.2.2. And the result is that they found 2 vulnerabilityissues, low and information. i took this VA is on the login page on palo alto firewall. The Low vulnerabilityis...

Add Palo alto HA (existing config) in Panorama. Doubts..

Hi, I need to add a cluster A/P FWs in Panorama. I was checking this useful link: https://www.mbtechtalker.com/migrate-a-ha-pair-of-pan-firewalls-to-panorama-management-2/ and videos on internet. I have everything under control, but I'm a little concerned about if its necessary in any point to enable the "force template value" option at some...

BigPalo by L4 Transporter
  • 1148 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks