General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 1, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Comment column for custom url categories?

IP lists for edls have:
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/policy/use-an-external-dynamic-list-in-policy/formatting-guidelines-for-an-external-dynamic-list/ip-address-list#idd44a975a-a94a-4398-864e-5cf223f1d351

Is there a way to

...

Whitelisting a url with 2 different ip address

Just wanting to make sure I am doing this properly so it works how its accurately. I am trying to whitelist 2 different IP's and a single url https address. I am trying to do this for a specific group of users on the firewall are able to access it an

...

Resolved! PBR/PBF to DMZ then Internet

Greetings!

As title suggests, I'm trying to implement PBF to the specific destination network in Internet through a server residing in DMZ. There are three zones configured:

Inside 10.0.5.0/24 - from where traffic is initiated
DMZ 10.0.22.0/24 - where

...

Logs not been sent to dedicated log collector by some firewalls

Hi All,

I have an interesting issue of most of my firewalls not sending logs to the log collector. Have only a 20% success ratio with successful log collection thus far.

I see the below in the below:

Log Collector : 000710004755

Conn ID

...

Resolved! Can we input address range directly to security policy source and destination

Dear all,

In firewall version 8.1, Can we input address range directly to security policy source and destination? or we need to create network range object to apply in address only?

Thank you for your answer.

GlobalProtect agent error message "ERROR_WINHTTP_CLIENT_CERT_NO_ACCESS_PRIVATE_KEY"

Hi all,

I deployed the GP agent and user was authenticated by client certificate, most users wroks, but some users cannot pass the authentication and get the following error messages in PanGPA.log:

(T1356) 06/08/18 13:39:53:722 Info (2559): PanWinht

...

Resolved! WildFire analysis report rabbit images

Dear Team,

When my client clicks on the WildFire analysis reprot, they see the rabbit image as shown below.

Has anyone had the same experience as me?

I would like to know the cause of the symptom and how to solve it.

Thanks in advance,
Kyungjun,

Resolved! Traffic cannot return

Hi Folks I have the next topology. The problem is the return traffic when I connect via GlobalProtect and I get a client IP 10.81.235.x. This IP cannot connect with a web server that is in the LAN, but this LAN is external through a data link routing

...

Resolved! reaching Session Count Limit

Hello,

what exactly happens when the firewall reaches the Session Count Limit? Discard the new sessions? and above all as regards the globalprotect VPNs are impacted?
In my scenario I have two 5250 PAs working in HA Active / Passive and corporate VPNs

...

Proxy-id same local ip difference remote-ip in 2 tunnels

Hi,

I have 2 IPsec tunnels same local-IP and difference remote-ip how we can setup prox-id with 2 tunnels

SNMP OID for identifying if an power supply had failed or removed from the firewall

Hi Team,

We have an PA-5260 deployed in our environment.

We need to get alert on our SNMP Manager when the Power supply to the firewall failed or the power supply had been removed from the firewall.

Downloaded the Enterprise MIB file but not able to

...

Issue with network driver of PAN-OS 10.1.3 deployed in azure

Hi Folks,

We have an PA-VM-100 series firewall deployed in the Azure cloud.

We have three NIC cards mapped to the firewall interfaces which is configured as below:

NIC card 1 <-----> Management interface

NIC Card 2 <----> Untrust interface(Ethernet 1/1

...

Global Protect Redundancy

Hi,

I would like to set up Global Protect VPN on 2 sites, and have a round robin redundancy between them.

i.e. user1 logs on the GP VPN and connects to site A, then user2 connects to GP VPN and connects to site B, and so on...

Is this possible?

regard

...

"You have been logged out due to unknown reason"

Any idea what causes this or how to investigate it? I can see the event as "User Me logged out via Web from My_IP" in the System Monitor tab. Happens intermittently otherwise I'd look at this: https://knowledgebase.paloaltonetworks.com/KCSArticleDe

...

Resolved! vWire Interfaces and Netflow

Can you collect Netflow data on interfaces that are in vWire mode?

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 1, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Comment column for custom url categories?