General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 93 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3333 Views
  • 2 replies
  • 14 Likes

Resolved! Shared Security Policy Rules

When you have multiple device groups, are you able to create shared security policies?  When I try to select shared and create a security policy rule, the zones are blank.

 

Only workaround I can seem to find is create a security policy in one device g

...

ce1028 by L4 Transporter
  • 3012 Views
  • 2 replies
  • 0 Likes

PBF policy match works in CLI but hangs in the GUI

Hi,

 

Came across an issue where a PBF policy match works in the CLI, but not in the GUI. When you run the test in the GUI it just hangs. The PBF rule is working as expected in production, its just the test in the GUI that seems to fail. Anyone come ac

...

BenPrice_0-1635901518208.png
BenPrice_1-1635901757751.png
BenPrice_2-1635901890382.png
BenPrice_3-1635901946304.png
Ben-Price by L4 Transporter
  • 1469 Views
  • 1 replies
  • 0 Likes

Globalprotect Smart Card configuration

So my company is working to setup a new PKI infrastructure with smart card logins for the users. I have looked at all the 2FA and associated articles about setting up the VPN but it leaves a lot to the imagination. I followed the steps creating the c

...

j.bartha by L1 Bithead
  • 5536 Views
  • 4 replies
  • 1 Likes

Resolved! Ping an IPv6 Link local address

Hi,

 

Is it possible to ping a IPv6 link local address from a Palo Alto firewall? If so, what is the syntax on the firewall CLI?

 

I know other platforms allow you to define an outgoing interface when pinging a link local address, but this doesn't look t

...

Ben-Price by L4 Transporter
  • 3537 Views
  • 3 replies
  • 0 Likes

Ignite 2021 is Two Weeks Away!

Hi everyone,

 

Ignite 2021 is just two weeks away and the LIVEcommunity team has been sharing weekly blogs to keep you updated on the latest news related to this event! 

 

Last week we shared information about the Agenda. We also added some informati

...

jdelio by L7 Applicator
  • 1940 Views
  • 0 replies
  • 2 Likes

Captive portal palo alto issued with chrome

Hi all

I use captive portal on palo alto just zone Lan to internet and found issued about chrome

My client have window 7,8 and palo version 8.1

Test on firefox need open firefox and click to option for login to internet

But on chorme not option for click

...

Migration FROM PA-850 to PA-3220

Dear:

Good afternoon, what is the best migration option from a Palo Alto PA-850 to a PA-3220.

 

Thinking for example to be able to keep the self-signed certificates in the PA-850, used for Global Protect.

 

Based on your expertix and experience, what is t

...

Metgatz by L4 Transporter
  • 1689 Views
  • 1 replies
  • 0 Likes

Resolved! Custom URL category *.github.com not matching/working

I read some posts here about the best way to allow github to only *.github.com IPs and I can't seem to find an easy way to do it. 

 

If I do it this way:

 

 

Source IP – on-prem networks Destination - Any APP ID/Service – github/ssh/ssl/web browsing URL c...

drewdown_0-1635537126636.png
drewdown_1-1635537211464.png
drewdown by L4 Transporter
  • 4729 Views
  • 4 replies
  • 1 Likes

Commit Lock

Hey all,

Has anyone found a way for a non-superuser to remove a commit lock?

I'm aware the official line still seems to be only a superuser can remove the lock, and this is definitely the case in PANOS 9.0 but hoping there might be a way to have this a

...

SARowe_NZ by L3 Networker
  • 1713 Views
  • 1 replies
  • 0 Likes
  • 24126 Posts
  • 100 Subscriptions
Top Solution Authors
Labels