This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

System error "Retrieving Content "IOT" info failed"-Panorama

Hi Team Anyway, one having any idea about the below error 'Retrieving Content 'IOT' info failed' Error getting on Panorama however, the customer not having any IOT license. Please find the attached snap shot of the error. Regards Roney RajanPlease note you are posting a public message where community members and experts can provide ...

PAN and intermediate CAs

Last couple of days I've had quite a few cases where I had to manually add intermediate CAs as a Trusted Root CA in order for decryption to work (for customers blocking untrusted CAs already on firewall). These are quite well known intermediate CAs like: DigiCert TLS RSA SHA256 2020 CA1 GeoTrust RSA CA 2018 Entrust Certification Authority - L...

santonic by L6 Presenter
  • 4188 Views
  • 2 replies
  • 0 Likes

Resolved! Multiple ISPs with Path Monitoring

Hi All Need a sanity check. When deploying multiple ISPs using path monitoring, instead of policy based forwarding, should the 2nd ISP become unreachable? It makes sense that it does, but it wasn't mentioned in Palo article about it Setup would be ISP1 (e1/1) 0.0.0.0/0 1.1.1.254 priority 10 (with path monitoring) ISP2 (e1/4) 0.0.0.0/0 ...

SCP Export Error PanOS 10.2

Hello everybody! It appears that PanOS 10.2 has the ability to export Software. However, I'm receiving the following error when attempting to do so. For reference, I am attempting to do this from Panorama. The scheduled config export to the same SCP server works fine. Has anyone managed to make this work? Thanks!

schroedera_0-1666884171644.png

Highlight Unused Rules Option - Missing

Hi, We have multiple 'Admin Roles' setup and we have noticed the 'Highlight Unused Rules' tick box at the bottom on the policies page is missing. What permission am i missing to allow this? Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial nu...

ElliotM by L2 Linker
  • 2972 Views
  • 1 replies
  • 0 Likes

PA 5220 (PAN OS 8.1.10) Active / Active not synching tftp traffic in asymmetric routing scenario

Hi Experts,I have the following scenario: a pair of PA 5220 (running pan os 8.1.10) in an ACTIVE / ACTIVE Setup (session owner 1st Packter - session setup 1st Packet) -We have been running Active / Active since roughtly 2 Years now without any significant problems. However tftp (PXE Boot) session in an asymmetric scenario do not get properly syn...

SSO Error when Accessing KB or Supportcases Portal

Hello all, Recently (these two weeks) I have encountered SSO Error when browsing to KB & Support Case pages which I don't have such issue before. https://knowledgebase.paloaltonetworks.com/ https://supportcases.paloaltonetworks.com/_nc_external/identity/saml/SamlError Tried with Chrome and Edge, clear the cache which showed the same...

SeanDeHarris_0-1657263836839.png

Captive portal SSL decryption policy requirement

Hi, PAN has the following document [1] which says you need to have SSL decryption in order to redirect SSL pages to captive portal.To me it doesn't seem to be accurate. Response page [2] workaround seems to be doing the same i.e without having an SSL decryption policy, I see that SSL pages are redirected to captive portal properly. What am I mis...

CRL Distribution Point (CDP) Config

Is there a place in the PAN-OS to configure the CDP address or does it only learn it from the certificate? We have a new CDP we are testing and have added it's IP to our cert but the firewall is not attempting to contact it, only the second one. Is there a way to force it to connect to the new CDP?

LEEF Format

Dear Team, Appreciate your feedback as we facing challenges with LEEF format when we configure a Syslog server with a custom log to allow integration with the Qradar SIM solution. We use the same format as mentioned on the IBM website below, https://www.ibm.com/docs/en/dsm?topic=panps-creating-syslog-destination-your-palo-alto-pa-series-devi...

Dual ISP Global Protect Redundancy

Hi Team, I hope ye all are well. We recently worked a case for a customer that had dual ISP configuration and wanted the Palo Alto Networks device to provide redundancy for the Global Protect Portal and Gateways in the event one ISP went down. We came up with a handy way of providing this using NAT rules and a loopback and I am posting this to ...

interfaces.PNG
loopback.PNG
natRules.PNG
VirtualRouters.PNG

ESA | ELA When license price is increasing

Dears, If we get an ESA / ELA let's say for 3 years, we pay the hardware, and then we would pay an initial price for support and licenses. Next, If the list price of support and /or licenses increase during these 3 years, and then we buy more hardware to include under ESA/ELA, what is the support and license that apply to the new hardware? Is it...

ftesta77 by L0 Member
  • 2493 Views
  • 1 replies
  • 0 Likes

Where can I find my Customer ID or Sales Order Number to register an account?

I am trying to setup an account to create a case. I have my serial number, but not the customer ID or sales order. Since one of these are required in the registration process, I am not able to open a case. I do have access to my paloalto unit online in case I can find anything there or register with information associated with what I can pull...

BJackson by L0 Member
  • 12593 Views
  • 4 replies
  • 1 Likes

Error Handling in Custom Playbooks

Hello all, To handle with different types of playbooks and tasks, is there any implementation method or best practice guide to identify errors in playbooks. If a task or subplaybook stucks in main playbook I want to get informed about it and handle with it. If you have any sort of guide or advice I am open to hear it. Best regards

UmutAK by L1 Bithead
  • 1600 Views
  • 1 replies
  • 0 Likes

Nuevas ISO 27001, 27005 y 27005

Como las nuevas versiones de las los estándares ISO 27000 se integran en la realidad de la seguridad de la información, y como se llevaría mejor su implementación? #ISO27000 #ISO27001 #ISO27002 #ISO27005

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks