General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Palo Alto Networks Approved

Panorama OS compatibility

Hi Team,

I am planning to upgrade Panorama software version from 9.1.13 to 10.1.*. But the i am confused whether the Panorama with OS 10.1.* can manage PA3020 running on PAN OS 9.1.* and PA450 running on PAN OS 10.1. *?

High loads by scanner

Good afternoon. At 11:57:26 (9:57:26 GMT), there was a log entry which said this company was scanning our VPS. This made it unresponsive with extremely high load for us until I had restarted the HTTPD service. The traffic was also coming from a lot o

...

Resolved! MFA on the Palo Support Portal?

I saw the announcement that they were going to start requiring MFA for logging in on the Palo Alto websites and it mentions a code via email, however, I was already set up to use an authenticator app for this. When I went to log in today, it seems t

...

Mapping problem of users (XMLAPI) authenticated in Clearpass

Hi team,

The problem detected is that Palo Alto (PAN-OS 9.1.13-h3)computers register too many IPs for each user through XMLAPI (RADIUS-Clearpass origin). Usually a user is not connected to the WiFi network with more than 3 devices (work computer, per

...

Palo Alto Networks Approved

advanced URL & URL4 license HA configurable check

Dear Team,

I understand that the same license set is required to configure HA according to the content below.
- The same model
- The same PAN-OS version
- The same type of interfaces
- The same set of licenses

Customers want to configure HA while introdu

...

Palo Alto Networks Approved

Resolved! SSL Decryption bug in PAN-OS 9.1.14

I recently upgraded from panos 9.1.13-h3 to 9.1.14 then SSL decryption stopped working, in the traffic monitor there wasn't any decryption error but when i excluded a PC the internet worked

and it seams other people are also having the same issue (Red

...

Re: How to Post a LIVEcommunity Discussion

Hi Team,

Activity details in the Application Command Center (ACC) tab only show details based on two previous days when we select the time frame for more than two days (7 Days, in this case). However, in the Network monitor, we are able to view the ac

...

Resolved! FQDN not working vs Resolved IP address

I created a new FQDN address object to facilitate a new Policy(rule).

When tested the FQDN resolves internal to the Palo Alto Firewall.

The rule contains one destination address which is the new company.fqdn.com FQDN

The rule contains one source addres

...

PALO ALTO to AWS site to site VPN not established

Issue:
PALO ALTO to AWS IPsec site to site VPN not able to established.

Situation

Since AWS will provide two VPN tunnel by default.
One of the VPN tunnel is established using the same public IP of PALO ALTO while the other VPN tunnel not able to establis

...

Question for SaaS Security API and Inline

Hello, I am SE from Korea.

Is there have one admin console for SaaS secure API and inline?

I have both configured, but the console is different.(attached picture)

However, Palo Alto Korea said, 'console has been integrated in one'.

how can I

...

Palo Alto Networks Approved

CVEs that cannot be found in Palo Alto Advisories

Hi there,

Does anyone know what does it mean generally for CVEs that cannot be found on Palo Alto Advisories?

Does it mean Palo Alto is not affected or the advisories has yet to update?

A few examples that cannot be found would be the following :

CVE-

...

L2 Extensions

Hello People ,

We have a situation where in a Site to Site IPSEC exists between Cisco ASA and PALO ALTO FW

The LAN segment of the Network is behind Cisco ASA . Infact all of the VLANS are in this LAN Segment which is Behind Cisco ASA .

The require

...

Resolved! Your connection is not private (Privacy error)

i am going to access PA firewall on the browser or Global protect its shows Your connection is not private (Privacy error) then I m clicking on proceed to unsafe then it's showing the main page. how to resolve this.

security certificate does not sp

...

Resolved! Skype screensharing uses "u-meeting" app-id

Hi Guys, is it normal that Skype uses this u-meeting app-id every time user uses the screen sharing feature?
I tried to block this app-id and the screen sharing stops working.
Because I only allow app-ids listed on this article: https://knowledgebase.

...

PBF with ECMP Issue

Hello, i have question about PBF Using ECMP.

We have 3 ISP and using ECMP Setting with weight round robin and Symetric Return Settings

ISP A > 200

ISP B > 100

ISP C > 50

NAT we set like this

All User > ISP A

Using PBF for some IP Segment

Segment A to ISP

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Panorama OS compatibility

High loads by scanner

Resolved! MFA on the Palo Support Portal?

Mapping problem of users (XMLAPI) authenticated in Clearpass

advanced URL & URL4 license HA configurable check

Resolved! SSL Decryption bug in PAN-OS 9.1.14

Re: How to Post a LIVEcommunity Discussion

Resolved! FQDN not working vs Resolved IP address

PALO ALTO to AWS site to site VPN not established

Question for SaaS Security API and Inline

CVEs that cannot be found in Palo Alto Advisories

L2 Extensions

Resolved! Your connection is not private (Privacy error)

Resolved! Skype screensharing uses "u-meeting" app-id

PBF with ECMP Issue

Client-to-Site IKEv2 IPSec without GlobalProtect

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! MFA on the Palo Support Portal?

Resolved! SSL Decryption bug in PAN-OS 9.1.14

Resolved! FQDN not working vs Resolved IP address

Resolved! Your connection is not private (Privacy error)

Resolved! Skype screensharing uses "u-meeting" app-id