General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Newbie: VPN on PanOS 10

Hi everyone,

This is probably trivial, but I am fairly new to this so bear with me:

I would like to set up the PA firewall as a VPN server for users to connect to (ideally, using only the built-in windows client). After authentication they should have

...

PANOS 9.1 know issue PAN-83610 network processor

PAN-83610

In rare cases, a PA-5200 Series firewall (with an FE100 network processor) that has session offload enabled (default) incorrectly resets the UDP checksum of outgoing UDP packets.
Workaround: In PAN-OS 8.0.6 and later releases, you can persist

...

Maintenance mode

When we try to access maintenance mode keeping "M" press the device just stop booting and nothing appears on console. Then if I press the M after some seconds just normal boot. We also try typing "maint" but no luck

VWire Radius (NPS) via Mgmt

Happy 2022 !

We've just setup VWires for our branches firewalls (A/A Layer 2), no ip address on any interfaces except :

- Mgmt (routable and managed by Panorama)

- HA1-3 (non-routable address)

Most of the device management (SNMP, NTP and etc via Mgmt

...

Downgrade from 9.1.12.h3 version to 9.1.9

Hi All,

I have decided to upgrade my Palo Alto 850 from version 9.1.9 to 9.1.12.h3 but after the secondary Palo Alto upgrade facing an issue where interface are not getting up so my team decided to roll back to version 9.1.9. Should my configuration

...

PANOS 8.0.x restart IPSEC tunnels from GUI

Dear all,

we found out that we are not able to restart VPN tunnels in PANOS 8.0.x from GUI because its grayed out and it is an expected behavior as you can see the message "Restart disabled because OK".

The conclusion is that on version 8.0.x it's no

...

Remote backup issue

I am trying to backup the config from a remote backup server. The backup file is generating but no config showing in the file. Instead when I open the xml file, I can see this " <?xml version="1.0"?> -<response code="403" status="error"> -<resul

...

Kerberos SSO for Captive Portal

Been working through options for gathering userID data on non-domain-joined machines lately, so here's another complete option using Kerberos (krb) SSO.

Create a user in AD (my example, username: krb.palo), check the boxes for:

User cannot change pass

...

Resolved! Best practice to write an application based policy whith some ports different from standard

Hello,

I would need to write a policy to allow Oracle connection on specific servers.

Unfortunately I have some Oracle instances that don't use the standard TCP 1521 port.

How can I handle this problem writing just one rules that matches all my destinat

...

Resolved! user-id not mapping

Hello community,

I'm facing an issue with user-id agentless.

i did the following configurations

Create LDAP Server Profile
LDAP/Group Mappings configured on FW
User-ID Group Mapping Settings.
server monotoring is connected
Include network set
User ID on

...

Resolved! about session offload

Hello

the purpose is to minimze the cpu consomption but in wich way ?

how the offload work exactly?

thank's

Resolved! Log collector drive bays question

Hey all,

I need to replace a disk on a Palo Alto M600 log collector There are no disk labels on the device. Could anybody here confirm which bays are A1/A2 and B1/B2? I've attached a photo. I'm guessing A1 starts the top left but I' not sure.

#m600

Resolved! Missing PANGPS Virtual Ethernet Adapter

When launching Global Protect for the first time, the computer will prompt for the portal to connect to. The portal information will be enter and when hitting connect it will only display "Connecting...". It will not get to the username and password

...

How to access Management interface through host name

I want configure wild card certificate to management interface through SSL/TSL profile. so i want to access this management interface through host name. how to configure this on Palo alto.