General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! CVE-2021-3059 - clarity on disabling dynamic updates

The Security Advisory for CVE-2021-3059 suggests disabling dynamic updates as a workaround for the vulnerability. However, it specifically says to go to the Device Deployment > Dynamic Updates interface (which is in the Panorama tab of my deploymen

...

SIP ALG need to be disabled

We need to block SIP ALG on our firewall which is running 10.0.7.

Which does not have the option to disable under object---->Application---> SIP.

I came across with this document

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000

...

Frequency of l2ctrld.log entries

We have a case open with TAC at this time, and they noticed when looking for LACP issues that our l2ctrld.log on a few firewalls have not updated in some time - some have entries in the last day, others have not had any updates for over a week. I hav

...

ping -a not resolving name anymore

Hello Bro,

In our network we used to be in the same vlan of our employees endpoint and we used to use the command ping -a x.x.x.x

to resolve the name of the pinged IP.

after we have moved our PCs "admins" to a different zone, now we can't u

...

Syslog Forwarding to different log server

Hi All,

We need to forward Logging to SIEM server which is routed via Ethernet1/2 , We are already having service route configuration for forwarding logs to our own Syslog Server via management interface, Any option to have this connectivity in place

...

Resolved! Applications and Threats (Dynamic Updates) will not auto update anymore

pdates applications and threatOn my PA 2020, the Applications and Threats dynamic update will not auto update anymore.

Anyone else having this problem? Seems like pretty basic functionality, should not be messing up like this.

thanks

get this message with External EDL server

I have multiple firewalls that are connected to my linux EDL server to retrieve both IP address and URL list. I am using http and not https and the firewall is scheduled to pull the data every hours from the EDL web server.

on the firewall system l

...

Resolved! 3CX (Phone System) calls are disconnecting randomly

Dear Community Team,

One of the customer is facing issues on 3CX call system after upgrading to new firewall PA-3220 recently. It was Forcepoint Firewall used by the customer earlier and working fine.

Note: 3CX is a software-based private branch exch

...

Resolved! Remove Duplicate Address Objects

I have a number of address/service objects configured as Shared that were pushed to all firewalls. As part of a hardware refresh, a firewall was imported into Panorama into a new device group. The end result is now a lot of the Shared objects also

...

Resolved! Questioning about unsupported cipher suite for SSL Decryption

Hello guys.

I have installed SSL decryption policy, which is forward proxy, for particular users. It's working fine but some problem occurred. Korean messenger application called kakao-talk for PC is not being able to login during forward-proxy SSL de

...

userid mapping never timeout

Why some of the userids appear with a timeout of never for both idle and max timeout

Resolved! How to view the "others" in ACC Network Activity Source IP Activity

For the screen cap below I filtered the destination IP to one particular server.

This Source IP Network Activity widget is showing me the first 10 IPs that

talked to it. But then all the other sessions are summarized as "others".

I want to know all th

...

Resolved! Active Directory Users & Computers Latency with GlobalProtect

Hello All

anyone still experiencing high latency with ADUC, i tried several version of globalprotect, including the recent one 5.2.3-22, it takes me 5 to 10 min to search/display in AD users and computers. this issue keeps happening and did not see an

...

Resolved! GlobalProtect client frequently disconnects with "Received a virtual interface packet with fragment"

I am experiencing frequent disconnect events which typically last 30-90 seconds and occur about 2-3x an hour during the work day. When a disconnect event happens, all connectivity is lost from the user's point of view, however the GlobalProtect clien

...

Local policy to panorama

Hi,

We have a customer using panorama to manage few clusters.

For one of the location , they have just added the firewall to panorama .

So we have to load the firewall to panorama and then it shows the local config like policy nat etc

It is same like

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! CVE-2021-3059 - clarity on disabling dynamic updates

SIP ALG need to be disabled

Frequency of l2ctrld.log entries

ping -a not resolving name anymore

Syslog Forwarding to different log server

Resolved! Applications and Threats (Dynamic Updates) will not auto update anymore

get this message with External EDL server

Resolved! 3CX (Phone System) calls are disconnecting randomly

Resolved! Remove Duplicate Address Objects

Resolved! Questioning about unsupported cipher suite for SSL Decryption

userid mapping never timeout

Resolved! How to view the "others" in ACC Network Activity Source IP Activity

Resolved! Active Directory Users & Computers Latency with GlobalProtect

Resolved! GlobalProtect client frequently disconnects with "Received a virtual interface packet with fragment"

Local policy to panorama

Upgrade from version 10.2.7-h8 to 10.2.11-h2

IPSec setup with certificate

UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Site flagged as GRAYWARE Please Help!!

HA State is "not sycned" even though Sync Task is completed on Peer (Passive) Gerät)

Re: User ID agent not starting.

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Re: Sofware Upgrade broken? "An active license is required for this feature"

Re: User ID agent not starting.

Re: Cannot see Dynamic IP lists

Unlock your full community experience!

Resolved! CVE-2021-3059 - clarity on disabling dynamic updates

Resolved! Applications and Threats (Dynamic Updates) will not auto update anymore

Resolved! 3CX (Phone System) calls are disconnecting randomly

Resolved! Remove Duplicate Address Objects

Resolved! Questioning about unsupported cipher suite for SSL Decryption

Resolved! How to view the "others" in ACC Network Activity Source IP Activity

Resolved! Active Directory Users & Computers Latency with GlobalProtect

Resolved! GlobalProtect client frequently disconnects with "Received a virtual interface packet with fragment"