Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

I cannot enter maintenance mode on a PA-220. I recycle power and have console cable connected - tried USB and also roll-over cable. Tried 3 different

I cannot enter maintenance mode on a PA-220. I recycle power and have console cable connected - tried USB and also roll-over cable. Tried 3 different software emulators - Putty, TeraTerm and Mobaxterm.
When it comes enter Maintnenance Mode no prompt c

...

URL FIltering

I was curious if anyone knows why even when traffic is flagged as a threat by URL filtering there are still packets being sent and received?

Resolved! Certificate dependancies

Hi,

We use a lot of certificates within our Palo Alto/Panorama setups.

Is there a way to get a spreadsheet/PDF etc... to tell me what though certificates are attached to providing services for etc...?

Is there a way to link certificates to what they

...

IPv6 and IPv4 addresses in same security rule?

is there an issue with doing this - I have a rule set to match any address except one particular IPv4 subnet (ie using the negate function) - works fine.

I added an IPv6 prefix to the rule (still negated) - now the rule negatively matches the v6 addre

...

Resolved! Can someone describe the load balancing algorithm used for Aggregate links?

Reading the documentation and forum posts, it doesn't appear that the PA is using LACP, therefore, it's not using one of the 3 common LACP load balancing algorithms.

Could someone describe how it's making the decision to send traffic down a particular

...

Resolved! Renewing Certificate for GUI from External CA

We have followed the below document. After importing the newly signed certificate into the firewall it does not replace the pending csr containing the private key. PAN OS 9.1.11-h3, any one else experience this issue?

Obtain a Certificate from an Exte

...

Resolved! Downgrade panorama ha managed device.

Hi,

I have the following situation, a HA cluster managed by panorama. For testing purpose I would like to downgrade it to an 8.1.21 release. Coming from 9.1.12 release.

Couple of question:

Should I always perform upgrades / downgrades from Panorama,

...

GlobalProtect client for macOS 12 Monterey

Anyone know if/when there will be support of GlobalProtect running on macOS 12/Monterey?

QoS / WRED

Hi All,

Just wondering, is WRED configurable on PA firewalls?

If the models matter, I'm using 3000's and 3200's.

Thanks!

SCCM : Clients to DP communication

Following is the one of prerequisites to set up a SCCM infra, is there any existing app-id that can be used to cover this port requirement. Will it need an explicit rule based on port/service range only or any changes needed in VR (IP multicast p

...

Clear Continue Timeout URL Cache

Hey Everyone,

Is there anyway to clear the Custom category URL Continue timeout cache on Prisma/Panorama?

Thanks,
Nisha

Resolved! Palo Alto Packet Capture Vs Monitor Vs Session Browser

Hi for a beginner why what does the packet capture enable me to do that the Monitor and Session Browser do not ? If possible please could someone give me a scenario for packet capture that identifies a problem which the other two would not pick up -

...

MineMeld on Ubuntu 20.04 LTS

Hi Community,

since April 2021 is getting nearer, Ubuntu LTS 16.04 is getting nearer to end of life.

Is there any version successfully tested for Ubuntu 18.04 LTS or 20.04 LTS?

Last time I tried installing it, installation failed due to dependenc

...

Can I configuration send traffic log to syslog on global

I searched on internet and I found only setting send traffic log to syslog by per security rule. on situation that has multiple security rules (100-200 rules). Can I set Syslog on global? or It can be set only per security rule?

Any chance of an Automated Rollback on Palo Alto firewalls?

Hi-

Im familiar with Juniper equipment which all have the option to 'commit confirm' which automatically reverts the config change if a 2nd commit is not made within a certain period (default 10 mins I think).

Its a life-saver if you have to administ

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

I cannot enter maintenance mode on a PA-220. I recycle power and have console cable connected - tried USB and also roll-over cable. Tried 3 different

URL FIltering

Resolved! Certificate dependancies

IPv6 and IPv4 addresses in same security rule?

Resolved! Can someone describe the load balancing algorithm used for Aggregate links?

Resolved! Renewing Certificate for GUI from External CA

Obtain a Certificate from an Exte

Resolved! Downgrade panorama ha managed device.

GlobalProtect client for macOS 12 Monterey

QoS / WRED

SCCM : Clients to DP communication

Clear Continue Timeout URL Cache

Resolved! Palo Alto Packet Capture Vs Monitor Vs Session Browser

MineMeld on Ubuntu 20.04 LTS

Can I configuration send traffic log to syslog on global

Any chance of an Automated Rollback on Palo Alto firewalls?

WTH is process 'touch' and hwy is it showing zombie?

Add Virus exception

Migrate model FW to virtualwith panorama for policies (recommended procedure)

Newly Registered Domains configuration

Panorama 11.1.8 supports Azure VM series Palo Altos

Re: Virus/Win32.WGeneric.esuykr(752144200) via filename=msvcp140_2_app.dll

Re: Excel downloads being blocked

Re: Panorama 11.1.8 supports Azure VM series Palo Altos

Re: Newly Registered Domains configuration

Re: Changes to sinkhole?

Unlock your full community experience!

Resolved! Certificate dependancies

Resolved! Can someone describe the load balancing algorithm used for Aggregate links?

Resolved! Renewing Certificate for GUI from External CA

Obtain a Certificate from an Exte

Resolved! Downgrade panorama ha managed device.

Resolved! Palo Alto Packet Capture Vs Monitor Vs Session Browser