This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4325 Views
  • 0 replies
  • 0 Likes

SDWAN Zone Mapping

Trying to make sure I understand this correctly. For each zone to used within the SDWAN they must be mapped to the pre-defined SDWAN zones. For the following example would this be the correct method of mapping: Pre-SDWAN zones (same zones at all sites)UntrustPrivate WANTrust-1Trust-2Trust-3 SDWAN Zone MappingZone Internet: Untrust Trust-1, Tru...

Resolved! Can there be fallback authentication for GlobalProtect?

I ran into a scenario that rendered me useless remotely, and I'm wondering if I can configure secondary authentication for GlobalProtect...I used GP to VPN in remotely. My GP is set up to authenticate through Active Directory, and it works fine. I was updating my VMWare environment and SAN, in which I needed to power down all VMWare servers (i...

uscit by Not applicable
  • 4955 Views
  • 2 replies
  • 0 Likes

GlobalProtect agent download from direct URL

Hi everyone, Do you know if it's possible to block the download of the globalprotect agent via the direct URL ? The goal here is to force users to authenticate in the portal web page to be able to download the agent. Ex. for the 64bit agent :https://<my-portal-address>/global-protect/getmsi.esp?version=64&platform=windows If yes, could...

FabienJ by L2 Linker
  • 17478 Views
  • 19 replies
  • 0 Likes

can we allow sign in to webex only using defined company account ?

I have followed below article and tried to configure http header insertion in URL filtering profile , but still able to login using other company account.https://help.webex.com/en-us/m0jby2/Configure-a-List-of-Allowed-Domains-to-Access-Webex-While-on-Your-Corporate-Network#task_C0E05337A65BA687DD68241E79076D38 Also in url filtering log, no logs ...

Deepak25 by L3 Networker
  • 5965 Views
  • 4 replies
  • 0 Likes

Resolved! Aged Out Traffic

Hi All, Please help me on this. If I am doing telnet from one server then telnet is working fine but in firewall I can see the traffic is aged out.I need to know if any traffic is getting aged out, then it should not allow the traffic but how the traffic is allowed and also the person can do telnet.

PPradhan by L1 Bithead
  • 3845 Views
  • 1 replies
  • 0 Likes

Web Management GUI-SSL/TLS - Palo Alto Firewalls HA Active-Passive

Certificate doubt for Web Management GUI-SSL/TLS - Palo Alto Firewalls HA Active-Passive Good afternoon community,, I have an important question regarding the use of custom certificates for web-gui management. I understand that there are configuration parameters that are not synchronized and are detailed in these two links: https://docs.palo...

Metgatz by L4 Transporter
  • 5352 Views
  • 4 replies
  • 0 Likes

Problems to upgrade the OS.

Using the http portal I´m trying to download the OS version. I have installed the 9.0.5 version and trying to reach 10.1.10 h1. the problem is when I press check now to see the OS versions availables, does not appears nothing new, and in don´t the chance to download/install newer versions. I´m using dns 8.8.8.8 4.4.2.2 also tried 1.1.1.1  

PA downloads.jpg

questions to advanced url filtering

Hi all, I renewed licenses and bought the new adv url subscription which is already activated in my customer portal. However, my firewall still has the legacy url license active. 1) Do I need to import the adv url license manually? What happens to the legacy license? 2) Is there any impact when switching from legacy to adv? 3) There is a PA 220 ...

DVB_Bank by L1 Bithead
  • 3170 Views
  • 3 replies
  • 0 Likes

Resolved! Auto-commit failing: interfaces down, not able to force commit

We are struggling with the following error and Palo Alto TAC is not able to provide the proper support, they are just asking us to do an RMA or to factory reset, but the truth is that we are having the same issue in 2 different firewall clusters with different configs and specs. After the firewalls powers on/reboot the "auto-commit" gets stuck a...

MarcelST_1-1606948327447.png
MarcelST_0-1606948079053.png
MarcelST by L3 Networker
  • 31671 Views
  • 9 replies
  • 0 Likes

Auto-commit after upgrade to 10.0.0 fails

Hi all, After upgrading a PA-220 from 9.1.13 to 10.0.0 Data plane is not coming up as auto-commit keeps failing. The only info i got so far is as shown:I have downgraded the PA back to 9.1.13 and the auto commit is successfull after reboot. However when i upgrade back to 10 it fails.As anyone experience this? How can i troubleshoot this further?...

GnContente_0-1646686454846.png

Upgrade 9.1.0 to 10.0.0 PA220

Hello, im experiencing issues with upgradeing my PA220 from 9.1.x to 10.0.0.The new software installs, but autocommit fails after upgrade. So i figured i had something in my config that is either changed or not supported in 10.0.0, so i wiped my box clean witha debug command and booted it up in 9.1.0 without config. Then tried to upgrade to 10.0...

UI issues in PAN OS 10.1.5-h1

Hi All, I seem to have run into some minor UI bugs in PAN OS 10.1.5-h1: 1. When you open a security policy rule, the tags section is squashed and you cant re-size it or click the drop down (see below)2. When you click on the contextual help in the Web GUI, the help webpage that usually loads just seems to go into to some sort of loop and never f...

BenPrice_0-1650351175218.png
Ben-Price by L4 Transporter
  • 8645 Views
  • 10 replies
  • 0 Likes
  • 24363 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks