This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

SFP Compatibility

hello tech enthusiast, I want to connect a fiber cable between two PA firwalls, thats what i did but i have the interface down on both ends even, and i dont know what to put as a SFP Plus, when i run the command show system state filter sys.s1.p6.phy i have a vendor-part-number: SFP-10G-LR-PO but when i do that on a working interface a have v...

Can`t proceed to customer support portal

The first i created an account for Customer support portal and I'm Stock with this Your account is currently waiting for your company’s Super User Approval. Access will not be provided until this approval is received. To help speed things along, you must reach out to your Super User for approval.You can click here to send your Super User a rem...

VM Trial License

HiI am trying to obtain a TRIAL LICENSE for a VM. I am using EVE-NG and need to set up a training lab. I dont want to associate it with' our current Palo Altos. How can i go about obtaining one? Thanks

mzedalis by L0 Member
  • 1934 Views
  • 3 replies
  • 0 Likes

Struggling to Unset Virtual Router from Interface via API – Manual Works, API Always Fails

Hi everyone, I’m working on automating Palo Alto firewall configuration via the API and I’ve run into a puzzling issue. What I’m Trying to Do: Unset the Virtual Router assigned to a specific Layer3 Ethernet interface (e.g., ae2.4008) using the API. Manually, I can easily go to the GUI and set the Virtual Router to none, and everything works ...

AK_20201 by L0 Member
  • 573 Views
  • 0 replies
  • 0 Likes

Renew Palo Alto Global Protect Certificate issued by Public CA

Dear All, I need some immediate assistance with this. Can you anyone help me out. We have a Palo Alto VPN Gateway at our office where client connect to the internal Network via Remote Access VPN. Now recenlty the certificate was expired the following is what I did. 1. Generated a Private key using OpenSSL. 2. Generated a CSR using that Pri...

Zone rename effects on Shared Policies

After a company acquisition we have inherited about 25 firewalls which I have recently migrated to a single Panorama instance, along with shared policies and templates, and in the process of building shared policies for the entire fleet. For the shared policies to work, zone names need to be consistent across about 40 odd gateways, unfortunatley...

Is there a need for a book on PAN-OS "Policy as Code" subject?

Dear All, I am looking to determine if there is a demand in the market for a guide to PAN-OS security policy automation ("policy as code"). There is plenty of reference information (https://pan.dev is always a good starting point) but there is no resource/book that would take one of the available automation frameworks and demonstrate how to ...

Assistance Required – Cybersecurity Fundamentals Certificate Not Unlocking

Hello Beacon Support Team, I recently completed the Cybersecurity Fundamentals course on Beacon. However, my progress is stuck on Module 4 even though I have already gone through all the lessons and quizzes. The platform keeps sending me back to Module 4, and my course completion status is not updating to 100%. Because of this, I’m unable to dow...

combiyke by L0 Member
  • 922 Views
  • 1 replies
  • 0 Likes

About CVSS version

Hello PaloAlto Networks Team, What version of CVSS is listed in Palo Alto Networks Security Advisories? Please tell me which version it is, such as CVSS v3 or v4. Regards,

IPSec HA Failover - Feature Request NSFR-I-26043

As of this post, Palo Alto Firewalls do not sync Phase 1 for IPSec Tunnels. If a remote end is using Dead Peer Detection, this will cause the tunnel to go down after a failover occurs and the remote end DPD hits its threshold. Since the Palo no longer has Phase 1, it cannot respond to the DPD. Despite Phase 2 being up and working, the DPD will p...

spapesh by L1 Bithead
  • 1574 Views
  • 2 replies
  • 1 Likes

Resolved! PCNSE Learning plan under maintenance

I have a question from my CBTS customer: they have a Network Security Engineer who has been going through the Beacon training in preparation for his PCNSE.At some point last month, the course he was working on was changed to "Learning plan under maintenance" . Any idea who I can go to in order to unlock the course or investigate what's going

kbettich by L0 Member
  • 1601 Views
  • 1 replies
  • 0 Likes

Resolved! Access Palo Alto HTML Files

Hello, our user want to deploy Palo Alto Firewall 3410 with Os 10.2.2, for security reason then they do the vulnerability assessment but using different device but with same OS 10.2.2. And the result is that they found 2 vulnerabilityissues, low and information. i took this VA is on the login page on palo alto firewall. The Low vulnerabilityis...

Add Palo alto HA (existing config) in Panorama. Doubts..

Hi, I need to add a cluster A/P FWs in Panorama. I was checking this useful link: https://www.mbtechtalker.com/migrate-a-ha-pair-of-pan-firewalls-to-panorama-management-2/ and videos on internet. I have everything under control, but I'm a little concerned about if its necessary in any point to enable the "force template value" option at some...

BigPalo by L4 Transporter
  • 1185 Views
  • 3 replies
  • 0 Likes

Fetch Device Certificate failure

Hello, I am getting this error (Failed to fetch device certificate.TPM public key match failed.) on a PA460 (11.0.2-h2). I tried multiple solutions without success : This KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004NlxCAE but it didn't work. Multiple commit force. I even generated an OTP on the CSP but I do...

Meed by L0 Member
  • 21713 Views
  • 11 replies
  • 1 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks