General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

issue1:

I am having issues with getting Panorama and firewalls connected up to datalake. I opened a case and i am told it can't connect to api.paloaltonetworks.com. I have pcap that says otherwise. There is no ssl decryption in between. Its frustratin

...

Enable global setting preserve-prenat-feature for prenat user-id

Hi. I have GP and userid configured at Pan OS 11.1. I'm getting the message.

Warnings:
. vsys1
. Warning: please enable global setting preserve-prenat-feature for prenat user-id to be effective.

I can not find anywhere in menu the mentioned global se

...

Ha2 is going down every 5 6 days .. .my palo version is 10.2.9.h11

I am facing this issue in my current palo alto where my palo alto firewall keep on flapping after evry 5 6 days like suddenly seconday device is getting active and after sometimes it is coming back to normal not always it is coming to normal sometime

...

Resolved! How to add/delete host keys

Hello,

I was testing out different SCP servers to export logs from the PA firewall, but I got this message after my third SCP server:

<user>@PA2050> scp export logdb to <user>@10.200.168.158:logdb
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

...

Resolved! IKEV2 w Cert - Wildcard peer for DN does not work.

Can someone please give me the format you are using for the peer id using DN with a wildcard. CN= ??

I try

CN=*

CN=lab-fw-vyos-*

The DN in the logs coming in from the peer is

lab-fw-vyos-testsite

when I try CN=lab-fw-vyos-testsite it works but

...

Authorization code

Unable to find the Authorization code

IKE phase- 1 SA is expired every 10 seconds?

Just curious, has anyone every seen IKE phase-1 expiring every 10 seconds, can't seem to figure it out.

Thanks

Palo Alto Networks System Engineer PSE - SASE Associate exam

Could anyone kindly guide me through the process of registering for the Palo Alto Networks System Engineer PSE - SASE Associate exam via Pearson Vue? Your assistance would be greatly appreciated.

building a lab with PA-440 or VMs

Hello everyone,

I have some knowledge about PaloAlto NGFW but now I intend to focus and get some certifications. For that I bought a PA-440 which runs 11.2.5 and I intend to buy a second one which doesn't have an active license and running 10.2.3-h

...

No internet after changing ISP

PA-440, OS 10.1.14, Standalone

We just changed the ISP, the static IP in interface (WAN), updated the Virtual Router as well, NAT, PBF, Security Policy was checked, IKE Gateway.

But we couldn't browse the internet. The firewall management GUI is also

...

Error 1006

Hi everyone!

I got error 1006. I really need help.

Thank you!

Resolved! Transferring assets from one CSP Tenant account to another

We have previously purchased and licensed a VM series firewall using our parent company tenant (Company A) and email. However, when comes to license renewal, we have purchased it under our child company (Company B).

We would like to transfer the as

...

Resolved! how to whitelist Akamai downloads ?

How do yuo configure a correct FW rule to only allow downloads for a specific user from a specific URL, but the content is hosted on akamai networks ?

I configred a FW rule with the URL of the server as FQDN in the destination field and allowed downl

...