General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Not able to see all option in CLI on palo alto firewall

Hi Guys,

I got this issue that im not able to see the CLI options after i press "tab"

As you can see from the photos. Im able to see more options on the working fw than the non working fw. Both are using the same access account.

Is it because the fw

...

Resolved! Copy custom url category from one Palo to another

Hello,

I have two 3200 series firewalls (different models though). How can I copy a custom URL category from one firewall to the other one?

Thanks.

Resolved! Manually run report schedule

Hello,

We have created a Report Schedule for a Report Group and set it to be emailed. Is there a way to manually (either via CLI/Webgui) run the report and email it to check and make sure it works without waiting for the Scheduled Day?

Thanks in adva

...

Beacon confirmation does not arrive

All,

I have a friend trying to create a free Beacon learning account, but the confirmation email never arrives...

What could be the issue?

#beacon

Resolved! Change the name for vsys1

Does anyone know if there is a way to change the name of vsys1? This would be mainly for the identifcation of the vsys in panorama.

My testing says no, but figured I would check the community.

*Reason: we want to change a single vsys deployment to a m

...

Need help with Global Protect Internal Gateway

Hello everyone. I am hoping to have some guidance/help on figuring out what I am missing with our internal gateway. Prior to my employment there was an external gateway setup and is working. I have been tasked to create an internal gateway for thi

...

Vulnerabilities signature

Is there any signature released for

CVE-2022-1388.

Resolved! Configure a specific MAC address on a L3 sub interface or on a VLAN interface

Good morning all,

is it possible to configure the mac address of an L3 sub interface in such a way that it is different from that of the physical interface?

Likewise, would it be possible to do the same with VLAN interfaces?

Thank you!

Telnet in PAN os

Hi Team,

I want to check the connectivity of particular port from one firewall interface.

Like lets say i want to test connectivity to 8.8.8.8 over 443 from one of the interface. I'm aware Telnet doesn't work in PAN os.

I want to know it there is an

...

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

Good afternoon, first of all thanks for the support, help and collaboration.

Currently there is a scenario where there are two Virtual Wire interfaces, whi

...

MFA - LDAP ( Active Directory ) Radius/Tacacs+ Internal Resource Access

Hello good afternoon, thank you very much for the constant cooperation, for the excellent will and for the help and support.
Dear all, what is the best strategy for a simple way to

...

Error when commit

Hello,

I get this error message when I try to commit after making a change. Change is just a different IP for syslog server. ANy idea why?

GP on Windows 11 - client certificate issue

Our customer is having issues with GP 5.2.10-6 on Windows 11. They are using client certificates for authentication and after a while a connection fails due to no client certificate present. If we check MMC the certificate is present, valid and has p

...

Resolved! Agentless User-ID not reading Security Log on AD

I'm pretty new to PA so there may be something obvious that I have missed.

The issue I am having is trying to get the Agentless User-ID connecting and reading Security Logs from AD. All the users are coming up as Unknown:

show user ip-user-mapping al...

We need a static Nat from one source to a single outside IP using multiple Ports to translate to multiple inside private IPS with same source

We need to create a Policy to allow traffic in from a partner that needs to monitor Our Servers.

Outside IP will be one say xx.xx.xx.5 they need to hit 10 diffrent servers on the inside of our network 192.168.1.101-110

THey want to send traffic to

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Not able to see all option in CLI on palo alto firewall

Resolved! Copy custom url category from one Palo to another

Resolved! Manually run report schedule

Beacon confirmation does not arrive

Resolved! Change the name for vsys1

Need help with Global Protect Internal Gateway

Vulnerabilities signature

CVE-2022-1388.

Resolved! Configure a specific MAC address on a L3 sub interface or on a VLAN interface

Telnet in PAN os

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

MFA - LDAP ( Active Directory ) Radius/Tacacs+ Internal Resource Access

Error when commit

GP on Windows 11 - client certificate issue

Resolved! Agentless User-ID not reading Security Log on AD

We need a static Nat from one source to a single outside IP using multiple Ports to translate to multiple inside private IPS with same source

A palo alto command doesn't stay after reboot?

Where did the critical issues page move?

Zero-Trust Strategy for Prisma

Undetected APP dependency?

Python SDK

Re: Undetected APP dependency?

Re: Query on URL category change

Re: IPSec VPN not getting any response from peer

Re: Issues with Pre-Defined Decryption Exclusion

Re: New periodic alert: Configuration size 19MB is above 80% of the maximum recommended configuration size 23MB for the platform.

Unlock your full community experience!

Resolved! Copy custom url category from one Palo to another

Resolved! Manually run report schedule

Resolved! Change the name for vsys1

CVE-2022-1388.

Resolved! Configure a specific MAC address on a L3 sub interface or on a VLAN interface

Resolved! Agentless User-ID not reading Security Log on AD