General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

DNS Query Enchancement

Running PANOS-10.0.9. In GP Network>GlobalProtect>PortalsUnder App -Resolve All FQDNs using DNS servers assigned to by the tunnel(Windows Only) is Yes by default.I cant see these dns logs in Traffic logs?

Global Protect monitor

Good afternoon, I'm trying to understand the behavior of the global protect client as it pertains to session expirations. I'm getting a message "remove previous user" message. I'm trying to determine what that means as I'm used to seeing the "user session expired" message in the logs. What triggers the "remove previous user" flag? Is this u...

SSL decryption issue with PIP

I have added the URL to the exception list with no luck. Any suggestions? C:\Users\Steven Williams\AppData\Local\Programs\Python\Python38>pip install Flask-SQLAlchemyWARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY...

Allow one Youtube Channel but block all other Youtube video

Hi , I have searched the available articles, I couldn't find a proper solution perhaps LIVE member could help me on this There's online learning platform which I need to allow all videos from this site, the training videos are embedded with Youtube linksANDin the current firewall we have block all Youtube videos. I have found the Youtube channel...

webserver service stopping

webserver service in palo alto stopping after certificate renewal and trying to access GUI. CLI is working. Tried restarting webserver service and management plane. But its stopping as soon as we try to access GUI and unable to access

Resolved! Captive Portal for Known users

Hi Team, Can we enable captive portal for the known users ? Like for internal users.

Resolved! Push Global Protect to the clients

We are currently managing Global Protect clients installation manually on the systems. So there any better way to manage the GP agent push and updates?

Resolved! Palo Alto firewalls alerts

Hello, Recently we have started working on enabling email alerts for our Palo Alto firewalls. One of the alert is for interface and HA status change alerts. Could you please let me know what can I do to enable same? Do I need any external tool for it? Any sort of help would be appreciated.

Resolved! Vulnerability protection profile change symptoms

Dear Team, When the firewall checks the policy, the Vulnerability protection profile is displayed as an Exclamation mark. The OS is using 10.0.4. I searched all bug-ids from 10.0 to 10.2, but couldn't find anything matching the symptom. If you have any causes and solutions for the above symptoms, please share with me. thanks in advance...

Tenable Scan on Palo Alto firewall / Panorama

Hi All, Are Tenable vulnerability scans (see below) on Palo Alto firewalls / Panorama resource intensive for the PA devices? Does this cause high DP or MP issues? https://community.tenable.com/s/article/How-to-perform-a-compliance-scan-on-a-Palo-Alto-Firewall Thanks in advance.

Resolved! http/2 connection session id

Dear Team, I have a question while checking the traffic log. In general, we know that each id is created when the session is created. However, the http/2 connection session id is identified as the same id. I know that when the session id is input according to the link below, it is input as the parent session ID. (The ssl session is displayed as ...

HA Pair Config Sync issue

When we try to manually Sync the Active/Passive. HA Pair has local config sync error. This error is trying to sync the config between the two devices, but it's trying to sync local config (ie. management config) and not policies. I don't believe it should be trying to sync things like management ip's, hostname etc.. I need the expert's advise on...

Failed to backup mongo DB after upgrading to 10.1

Dear community, After upgrading Panorama to Pan-Os 10.1 we get the following system log daily:"Auto mongo backup: Failed to backup database 'pan_ms' collection 'msak':" Any idea what is this error about and how to "silence" it? Many thanks in advance!

CLI - Regex with "?"

Hello all, Does anybody know how to use a Regex that contains "?", obviously that doesn't work because that automatically triggers the helper?For example, I'm trying to filter results for a certain CLI command using this: | match (?s)(word1.*?)(?=word2|$) You can see that it contains multiple question marks, I'm not sure what I can do to get tho...

External Dynamic List error

Hello, I have configured External Dynamic Lists by using Minemeld a few month ago. It was workinf fine. The lists are available (tried from a web Browser) I noticed that I have following system logs for a few weeks : Unable to fetch external dynamic list. Failure when receiving data from the peer. Using old copy for refresh. We are running PanOS...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

DNS Query Enchancement

Global Protect monitor

SSL decryption issue with PIP

Allow one Youtube Channel but block all other Youtube video