This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4131 Views
  • 0 replies
  • 0 Likes

GlobalProtect agent error message "ERROR_WINHTTP_CLIENT_CERT_NO_ACCESS_PRIVATE_KEY"

Hi all, I deployed the GP agent and user was authenticated by client certificate, most users wroks, but some users cannot pass the authentication and get the following error messages in PanGPA.log: (T1356) 06/08/18 13:39:53:722 Info (2559): PanWinhttpCallback(dwInternetStatus=WINHTTP_CALLBACK_STATUS_REQUEST_ERROR, this=0000029E2C99C820)(T1356) 0...

Resolved! WildFire analysis report rabbit images

Dear Team, When my client clicks on the WildFire analysis reprot, they see the rabbit image as shown below. Has anyone had the same experience as me? I would like to know the cause of the symptom and how to solve it. Thanks in advance,Kyungjun,

CHOEKyungJun_0-1656037901157.png

Resolved! Traffic cannot return

Hi Folks I have the next topology. The problem is the return traffic when I connect via GlobalProtect and I get a client IP 10.81.235.x. This IP cannot connect with a web server that is in the LAN, but this LAN is external through a data link routing.In the other side, owner of web server 192.168.36.38 they don't want to include subnet GP 10.81....

apazmino by L1 Bithead
  • 5752 Views
  • 4 replies
  • 0 Likes

Resolved! reaching Session Count Limit

Hello, what exactly happens when the firewall reaches the Session Count Limit? Discard the new sessions? and above all as regards the globalprotect VPNs are impacted?In my scenario I have two 5250 PAs working in HA Active / Passive and corporate VPNs go through globalprotect, I was wondering what happens if the FW reaches the session limit. Than...

porq91 by L1 Bithead
  • 5278 Views
  • 1 replies
  • 0 Likes

SNMP OID for identifying if an power supply had failed or removed from the firewall

Hi Team, We have an PA-5260 deployed in our environment. We need to get alert on our SNMP Manager when the Power supply to the firewall failed or the power supply had been removed from the firewall. Downloaded the Enterprise MIB file but not able to find the MIB OID for monitoring the power supply. Thanks in advance.

Issue with network driver of PAN-OS 10.1.3 deployed in azure

Hi Folks, We have an PA-VM-100 series firewall deployed in the Azure cloud. We have three NIC cards mapped to the firewall interfaces which is configured as below:NIC card 1 <-----> Management interfaceNIC Card 2 <----> Untrust interface(Ethernet 1/1)NIC Card 3 <----> Trust Interface(Ethernet 1/2) Recently we had upgraded the f...

Global Protect Redundancy

Hi, I would like to set up Global Protect VPN on 2 sites, and have a round robin redundancy between them.i.e. user1 logs on the GP VPN and connects to site A, then user2 connects to GP VPN and connects to site B, and so on... Is this possible? regards,

"You have been logged out due to unknown reason"

Any idea what causes this or how to investigate it? I can see the event as "User Me logged out via Web from My_IP" in the System Monitor tab. Happens intermittently otherwise I'd look at this: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClvyCACThis latest time, I did notice that "'Installed antivirus package: panu...

logged out.PNG

OSPF and BGP Redistribute

Can someone walk me through redistribution of OSPF into BGP and BGP into OSPF I am setting up a new VSYS (already done) with a new Virtual Router to an AT&T AVPN WAN There is a /30 between us and AT&T, and we use eBGP to AT&T. On the other router interface, we use OSPF everything in area 0. Probably no very good reason to clean thi...

birkhojk by L2 Linker
  • 9688 Views
  • 4 replies
  • 0 Likes

U-Turn stopped working after update

After Updating PA850 to 10.1.3, U-Turn to 2019 webserver is no longer working.Firefox Message:Secure Connection FailedAn error occurred during a connection to wdafire.townshipofhamilton.com. PR_CONNECT_RESET_ERRORThe page you are trying to view cannot be shown because the authenticity of the received data could not be verified.Please contact the...

Resolved! Login issues after password complexity change

We changed the password complexity and history settings on our firewall a couple of days ago.After committing the changes the local users are not able to login on the firewall.So we tried to boot into maintenance mode by connecting through a console cable in order to roll back to a older running config.This did not do anything though, because th...

ilirrama by L1 Bithead
  • 5527 Views
  • 5 replies
  • 0 Likes

Are there options in the Palo Alto SaaS Security Inline to block in real time cut/copy/paste/print activities?

Are there options in the Palo Alto SaaS Security Inline to block in real time cut/copy/paste/print activities? I have seen this some other CASB solutions to limit what the web browsers can do in real time not out of band (Palo Alto SaaS Security API) I just wanted to ask as I can't find it.

How to check the utilization of current firewall (eg. sessions, throughput, etc)

Hello,we have plan to upgrade our current PA-3020 firewall to new PA firewall.I would like to know how to check the overall utilization of currently firewall in order to determine the size of new firewall. (eg. the usage of sessions, throughput, total users, etc)I found some cpu and session info under PA Dashboard System Resource and ACC tab but...

zinkt101 by L1 Bithead
  • 5365 Views
  • 2 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks