This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4432 Views
  • 0 replies
  • 0 Likes

Is there a need for a book on PAN-OS "Policy as Code" subject?

Dear All, I am looking to determine if there is a demand in the market for a guide to PAN-OS security policy automation ("policy as code"). There is plenty of reference information (https://pan.dev is always a good starting point) but there is no resource/book that would take one of the available automation frameworks and demonstrate how to ...

Assistance Required – Cybersecurity Fundamentals Certificate Not Unlocking

Hello Beacon Support Team, I recently completed the Cybersecurity Fundamentals course on Beacon. However, my progress is stuck on Module 4 even though I have already gone through all the lessons and quizzes. The platform keeps sending me back to Module 4, and my course completion status is not updating to 100%. Because of this, I’m unable to dow...

combiyke by L0 Member
  • 1025 Views
  • 1 replies
  • 0 Likes

About CVSS version

Hello PaloAlto Networks Team, What version of CVSS is listed in Palo Alto Networks Security Advisories? Please tell me which version it is, such as CVSS v3 or v4. Regards,

IPSec HA Failover - Feature Request NSFR-I-26043

As of this post, Palo Alto Firewalls do not sync Phase 1 for IPSec Tunnels. If a remote end is using Dead Peer Detection, this will cause the tunnel to go down after a failover occurs and the remote end DPD hits its threshold. Since the Palo no longer has Phase 1, it cannot respond to the DPD. Despite Phase 2 being up and working, the DPD will p...

spapesh by L1 Bithead
  • 1643 Views
  • 2 replies
  • 1 Likes

Resolved! PCNSE Learning plan under maintenance

I have a question from my CBTS customer: they have a Network Security Engineer who has been going through the Beacon training in preparation for his PCNSE.At some point last month, the course he was working on was changed to "Learning plan under maintenance" . Any idea who I can go to in order to unlock the course or investigate what's going

kbettich by L0 Member
  • 1783 Views
  • 1 replies
  • 0 Likes

Resolved! Access Palo Alto HTML Files

Hello, our user want to deploy Palo Alto Firewall 3410 with Os 10.2.2, for security reason then they do the vulnerability assessment but using different device but with same OS 10.2.2. And the result is that they found 2 vulnerabilityissues, low and information. i took this VA is on the login page on palo alto firewall. The Low vulnerabilityis...

Add Palo alto HA (existing config) in Panorama. Doubts..

Hi, I need to add a cluster A/P FWs in Panorama. I was checking this useful link: https://www.mbtechtalker.com/migrate-a-ha-pair-of-pan-firewalls-to-panorama-management-2/ and videos on internet. I have everything under control, but I'm a little concerned about if its necessary in any point to enable the "force template value" option at some...

BigPalo by L4 Transporter
  • 1219 Views
  • 3 replies
  • 0 Likes

Fetch Device Certificate failure

Hello, I am getting this error (Failed to fetch device certificate.TPM public key match failed.) on a PA460 (11.0.2-h2). I tried multiple solutions without success : This KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004NlxCAE but it didn't work. Multiple commit force. I even generated an OTP on the CSP but I do...

Meed by L0 Member
  • 22242 Views
  • 11 replies
  • 1 Likes

XSOAR virtualization support

Dear All, I would like to request official documentation or a clear statement regarding the virtualization platforms supported for Cortex XSOAR on-premise deployments. Specifically, I would like to know: Which hypervisors (e.g., VMware ESXi, KVM, Hyper-V, etc.) are officially supported for installing and running Cortex XSOAR? If there is a c...

VPN Tunnel - Routing and Hidenat from FW public IP

I am a beginner on the Palo Alto firewall. When to do IPSEC and NAT 😊 I need to create a NAT rule that will allow traffic from 77.221.253.132 - the partner only has 1 public IP address and it is on their firewall.If I make a route to the public IP address(77.221.253.132) and route to the Tunnel interface - the IPSEC tunnel go down.how should ...

Resolved! Vsys migration

Hello All, What is the best approach to migrate a Palo Alto firewall configuration with VSYS to another Palo Alto firewall (As is)?

Resolved! Does anyone have any experience with Expedition

Greetings from Detroit Michigan! I have been tasked with migrating our current PA-5220 pair firewalls to a new PA-3420 pair. I have been led to believe that the "Expedition" tool will help with this task. The problem simply put is that the documentation for this is quite spartan in the area of migrating from a PA to a PA. We are using Expedi...

R.Gage by L0 Member
  • 1449 Views
  • 2 replies
  • 0 Likes

The PAN-OS fixed version information

Hi All, i am bit confuses how the fixed PAN-OS version information works for example 11.1.10-h1 can PAN-293673. Since PAN-293673 was already fixed in 11.1.6-h7 (which is lower than 11.1.10-h1), does that mean a higher version automatically includes fixes for known issues from lower versions, right? If so, that’s what confuses me: if PAN-2...

Resolved! DHCP Relay for GlobalProtect

I'm trying to setup globalprotect where once a user successfully logs in, they pull an IP from our dedicated, internal DHCP server with all the DHCP options. So essentially, setup Palo Alto for a DHCP relay for the GlobalProtect clients. I was trying to do this, but the Tunnel Interface I'm using for the GlobalProtect network doesn't have an IP ...

Error: pan_ldap_ctrl_search_device(pan_ldap_ctrl.c:1889): user_id database is not bound yet

Hi All, While troubleshooting a intermittent GP issue, I have noticed the below error repeating in the useridd.log. I am not sure if this part of the problem or not, but it does look a little worrying. I can still browse AD from the firewall and find groups. 2021-09-20 16:18:10.268 +1000 connecting to ldap://[192.168.1.1]:389 ...2021-09-20 16:18...

Ben-Price by L4 Transporter
  • 21849 Views
  • 13 replies
  • 2 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks