This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Upgrade PA stuck

Hi All, We try to upgrade PA5220 and it has been stuck quite long time. We tried to upgrade to 10.1.5h2 from 10.1.0. Any possible reason might cause of it?

403 Forbidden

I've run into a strange issue with the following website https://dvir-prod.aws.drivecam.net. When Users attempt to access it they are getting a 403 Forbidden. I'm not seeing an drops in the logs, and the packet captures don't point to anything either. I have to two 5520's in an HA pair and I forced the Active to Standby in the hops that it migh...

Remove a site from from Palo Alto's blacklist

My client's site, a Canadian site that prepares school supply kits, edupac.ca was hacked badly a few months ago. But we manually removed all malware files. We abandoned the original infected file base, restoring from backups, and now the code base is a clean version from before the hacks. EduPac is an established company for over 20 years. I am ...

Resolved! Palo Alto rejecting one route

I'm having trouble seeing one route in my RIB and FIB. My BGP peer shows it is advertising the route to the Palo Alto, however I see the following when showing the peer at the PAN:sstadmin@200-PFW-01> show routing protocol bgp peer peer-name DMVPN-RouterPrefix counter for: bgpAfiIpv4 / unicastIncoming Prefix: Accepted 49, Rejected 0, Policy R...

Resolved! Security policies not matching traffic

Hello! I am having quite a few strange behaviors from the Palo Alto firewalls. I have a rule for an entire subnet (10.209.82.0/24) to be allowed from inside to outside zones via any port to any IP address yet there is still somehow traffic being denied. Obviously, this isn't the greatest from a security perspective, but I arrived there out of fr...

Resolved! Possiblility of getting locked out of web interface?

Currently, I'm using a local administrator account on the firewall (no Panorama), but I want to configure authentication between it and active directory. I went through Palo's guide for setting up Kerberos (I read that this is preferred over LDAP due to its increased security, but please chime in if you disagree), but I'm worried about the chanc...

JanayE by L0 Member
  • 3144 Views
  • 1 replies
  • 0 Likes

An active Wildfire license is required for this feature

Hi everyone!Every 15 minutes i get an email notification: opaque: Retrieving Content 'WildFire' info failed with error 'An active Wildfire license is required for this feature' but the license is valid till October 2022. Could someone help me with this issue ?My device is PA 850 Thanks in advance

Firewall rules for update Palo Alto´s firewall content on Check Point!

Hi Guys!My Check Point firewall rule for Palo Alto fw update its contents, so im not confortable with the destination part (all_internet)PA fw (x.x.x.x) to all internet on service https (tcp.443) accept...! So instead of put ALL INTERNET on destination, i think PA should have documentation on it, about the destination for updates and also about ...

Aftermath_0-1653903851018.png

Resolved! Minemeld static url/ipv4/md5 list

Hi everyone,we have installed minemeld in our facility and it's great, but we are having trouble implementing a solution that takes lists internally, our current goal is to update the list manually based on the ipv4 / url we get from our security team. Is there any guide that explains how this can be done? Thanks , Angelo.

porq91 by L1 Bithead
  • 4965 Views
  • 6 replies
  • 0 Likes

Resolved! Expedition import of Cisco ASA

Hi, new to Expedition and have just installed (Ubunto 20.4 and latest Expedition packages) . Imported a running config from a Cisco ASA 5525X without issue but when I move away from the dashboard to look at the 400+ address objects I see no objects and then returning to the dashboard they are gone as are a lot of other objects. Appreciate and gu...

AndyH64_1-1653868101698.png
AndyH64_2-1653868171663.png
AndyH64 by L0 Member
  • 2556 Views
  • 1 replies
  • 0 Likes

Resolved! Routing issues on PA410

I cannot get traffic to go out my outside interface - it will only go out the Management interfaceI have a PA-410 with several Inside interfaces / Outside (connected to an ASA) / Management (connected to my Inside network)Note: I changed the Outside IP's first 3 octets from the real to 3.3.3. in this post to protect the future public IP for this...

sos66sos by L1 Bithead
  • 4773 Views
  • 4 replies
  • 0 Likes

Windows Based Agent vs Integrated PANOS Agent

Hi everyone! I was quite new to Palo Alto Networks and one that caught my attention is setting up user-id.However, there are quite many videos which do not mention about the windows-based agent.What are the advantages if I decided to use windows-based than the integrated PANOS agent? And vice versa. Thanks!

RVizcarra by L4 Transporter
  • 6402 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect getting "Connection failed" message (sectigo certificate)

Hi, suddenly we are getting a "connection failed" message from the GlobalProtect Client while using the sectigo wildcard certificate in the TLS Profile of the NGFW. The traffic logs show a 'decrypt-error'.There is no decryption policy being used. We are on PanOS 9.0.7. It's a bit strange because everything worked just fine until now and there we...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks