This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Resolved! how to Revert configuration by cli - pa 200 v 9.0.14

Hi Guys, we have a problem on a HA pair, the secondary firewall is no longer accessible via either GUI or CLI.We can only connect via console, to restore one of the saved and working configurations, is it necessary to do only these commands? > configure # load config+ key key> from Filename> last-saved Last saved conf...

MAerre by L2 Linker
  • 7152 Views
  • 2 replies
  • 0 Likes

Resolved! TLS version for WEB UI

Hi All,I am trying to check what all TLS version is allowed for firewall web UI .Is there way we can validate this. ? Thanks .

S2S VPN 2 VRs not working

Hello, I have an external IP /30 network. I also have another external IP /28.I have created 2 VRs (with their ZONES).VR1 is the main router with the /30 IP used for Internet connection.VR2 is the second router (the one I just created)I assigned one of the /28 IP to the second VR. When I terminate a S2S vpn (from another PA Box) to this IP(/28) ...

Pantelis by L1 Bithead
  • 2243 Views
  • 2 replies
  • 0 Likes

Resolved! rename a subinterface

Hello,I need to know if it's possible to rename a subinterface, I see that is not available this field to be changed, then I need to know how should be the process to do that. thanks!!!!

Agentless user id issue

i am facing user id issue it's show connected but some time is not show not connected. when i check the USER-ID log i find this error. please suggest. Error: pan_user_id_win_log_query(pan_user_id_win.c:1364): log query for <Server-IP > failed: NTSTATUS: NT code 0xc002001b - NT code 0xc002001b2020-09-03 13:09:08.934 +0400 Error: pan_user_i...

Captive Portal HTTP only landing page?

Hi,I have set up the CP successfully. I see the CP is running on PA redirect IP:6082 with HTTPS.Is there any way that we can use HTTP only on the CP landing page?like http://PA_redirect_IP:6082not https://PA_redirect_IP:6082We are not using credentials for CP login, our CP just accept and go.No SSL encryption and protection needed.So, does PA st...

natwong by L0 Member
  • 2671 Views
  • 2 replies
  • 0 Likes

GeoBlock bypass for specific users

Hi All,We are using GlobalProtect for VPN connection to our internal network along with an on-prem PA Firewall. We want to be able to block traffic from regions we wouldn't normally do business in, but occasionally have the ability to make a USER-BASED exception to the block so that if USER A is traveling abroad to China, we can allow USER A to ...

jleever by L0 Member
  • 9140 Views
  • 3 replies
  • 0 Likes

Post 10.1.3-h1 issues - source-hip unexpected here

Validation Error: . rulebase -> security -> rules -> *** -> source-hip unexpected here . rulebase -> security -> rules is invalid . Commit failed Do any of you have come across this error post upgrade of Panorama 10.1.3-h1? Not having issues on other firewalls. Current version of the firewall which i am seeing this error is 8...

SKS7 by L1 Bithead
  • 10440 Views
  • 6 replies
  • 2 Likes

How to Block O365 access for non corporate users?

Hi Team, What is the best way to block non corporate O365 access in palo alto ? We have tried to block the predefined APP-ID office365-consumer-access but no luck because our Enterprises access also showing as office365-consumer-access. So it blocked all office access. Has anybody done this successfully in your environment? Thanks in advance.

Problem with LDAP group usage in Authentication Profile

Hi.I have a strange issue with LDAP groups in our PA-5220 setup.Our setup is two HS-clusters with each containing two PA-5220. All of the devices are fully managed using Panorama. All of the firewalls are running 9.0.5 and Panorama is also of version 9.0.5. The configuration looks like this, I have configured a LDAP server object with all of our...

TCP 179 BGP port exposed to non direct neighbour or multi-hop neighbor, no rules in place allowing such traffic - still reachable

Hi,We just got pinged by security that our Palo's are exposing their TCP 179 to the internet while we utilize BGP as routing protocol to our next hops.Now we haven't got any explicit rule which should allow TCP 179 on the public side, and yet a non BGP next hop device can reach 179, while we do not have an explicit rule about the routing protoco...

URL not accessible in Chrome and same working in Firefox

User trying to access external site, That particular website is not accessible getting "This site can’t be reached".The same URL is working on Firefox. Request traffic from chrome not reaching paloalto, the same from Firefox I can see the traffic logs.Other websites working in chrome browser through paloalto. The reported site is accessible in s...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks