This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Resolved! Help with DNS?

Hello Live Community. I am in a bind. I have all of our clients on networks using DHCP from our Palo Alto and pointing to Googles servers for DNS. Very quick and slick. unfortunately I need all computers, tablets, phones, etc... to see a server inside our Palo Alto. Is there any way to do this without compromising the DNS settings, or speed? ...

JCMoritz by L0 Member
  • 2345 Views
  • 3 replies
  • 0 Likes

Block SSH traffic

We are using PA 5250 firewalls. We are not using decryption on it. Now, we want to filter the ssh traffic satisfying all these 2 conditions: C1) Allow access to *.mywebsite.com for ssh traffic AND allow file download upload C2) Allow access to abc.xzy.zom and jkl.efg.com for ssh traffic AND NOT allow file transfers Because we are not using...

PAFWNoob by L1 Bithead
  • 2452 Views
  • 1 replies
  • 0 Likes

description update in security rules via Panorama CLI

Hi Team, i was trying to update description on existing multiple security rules via Panorama cli. but found that if i add description via cli it just simply replace the whole existing description. So, is there any way to add/update the description without removing the existing description on rules. Thanks Virender Singh

vsingh31 by L1 Bithead
  • 1864 Views
  • 1 replies
  • 0 Likes

Error while committing changes

Hi Team, Getting the below error while committing the changes. I read an article where it says it might be due to memory issue so rebooted the device and checked but still the same issue. Could you please suggest as soon as possible. DLP Configuration not found DLP Configuration populate successfully Error: Error preparing global objects failed ...

Resolved! Cannot login to GUI after pa-vm deployment

I deployed a pa-vm image 10.2.1, set the management IP from the CLI. When I try logging in with the GUI, I put in my credentials and then get the following error "Your login session has expired and you have been logged out for security reasons. Please log in again if you wish to continue." I'm able to SSH into the cli. Things I've tried: 1. rebo...

L3Svc process stopping automatically on PA-3020 firewall

Hi Folks, We are facing issue with the captive portal and had seen that the l3svc processor is not running. We had tried to restart the l3svc process and the mgmt plane process but no luck. our firewall was previously running on PAN-OS 9.1.13h3 and we had downgraded to 9.1.10 and checked but no luck. We had rebooted the firewall again also. Chec...

Resolved! Jobs flooding commit queue.

For the last week or so we have been having issues with download jobs pending and failing in our Panorama. The issue is that there are 2500+ jobs pending on our Panorama and this seems to pop-up at any given time. TAC, to this point, has had us restart the management process, suspend that Panorama and fail over to the other... Until this happens...

Increasing log disk size on Panorama VM

I have Panorama 10.1 running as a VM on ESX. System disk is 224gb and log disk 500gb. I have shut down the VM and moved the log disk to a larger store (2000mb). VCentre now shows the disk as 2TB. However when i boot Panorama it still sees /dev/sdb1 as 500gb. What Panorama commands would i have to run to make it see and use the actual capacity?...

Globalprotect Connection two Browser Tabs

Hi There, we are using 10.1.5-h2 and Globalprotect 6.0.1 VPN. Our Users logging in via SAML and it works very good. The only thing which is annoying is that during the connection two similar Browser Tabs are Opening. After that, the Connection is established. Is there a way to reduce the tabs to one? We are using a Active Directory local Group a...

best way to add folders to malware whitelist

having read the document "Add a New Malware Security Profile", I am not clear as to best and properly entering a path to a folder properly. this is a paragraph pulled out of the of the webpage. +Add a file or folder.Enter the path and press Enter or click the check mark when done. You can also use a wildcard to match files and folders conta...

jeperjes_0-1666877018593.png
jeperjes by L1 Bithead
  • 4523 Views
  • 3 replies
  • 0 Likes

GlobalProtect SCEP NDES Dynamic Challenge Failure

Hi, I have been attempting to get GlobalProtect configured with SCEP for many days without success. The issue I am facing occurs when I have the SCEP Challenge set to "Dynamic" under "Certificate Management" (on the firewall), which is what I am wanting. But when using the dynamic challenge, the GP clients fail to retrieve a SCEP certificate. ...

cwilson by L0 Member
  • 10351 Views
  • 3 replies
  • 1 Likes

Resolved! Set permanent IPSec VPN tunnel

Hello guys, would you be so kind and help me with any function, which can set VPN tunnel as a permanent one? Because when tunnel is not using, it goes down and then it will not come up without push on our side. So, maybe there is some function / algorithm which will send over the tunnel small amount of data to keep it alive. I was not able to f...

Global protect welcome page appears multiple time in an hour or so

I have listed two issues with the GP 1. Since I upgrade GP client to 6.0.3 welcome page appears multiple times in an hour or so. Please suggest if any solution 2. Also there is no GP client version yet which can fix the "Sophos AV date capture in HIP check from client machine". As per TAC it will be fix in next version 6.0.4.

sharink by L1 Bithead
  • 1784 Views
  • 1 replies
  • 0 Likes

Resolved! Possible to have a web page presented for webistes where SSL decryption Doesnt work?

Hi All, We use SSL inspection and sometimes we have to add websites to a custom url category for non inspection so the webpage can become visible. Is there an option to have the user presented with a webpage so IT staff will know that it's ssl inspection that is not allowing the webpage to be viewed? I've looked but couldn't find any. Usually wh...

roma by L2 Linker
  • 1815 Views
  • 1 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks