General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1187 Views
  • 0 replies
  • 0 Likes

Disable TLS 1.0 and 1.1 and also weak cipher

How to disable TLS version 1.0 and 1.1, also to disable weak cipher for WildFire

 

Configure Authentication with Custom Certificates on the WildFire Appliance

 

I went through this KB it shows how to disable the 1.0 and 1.1 but how to disable weak ci

...

In Wildfire how do we disable weak TLS ciphers?

Nessus scanning is picking up TCP/443 TLS v1.0 and v1.1 on our WildFire (WF-500) appliances.

 

Is there a way to turn off TLS v1.0 and v1.1 on the WildFire ?

 

Below is the Nessus scanner notification.

-------------------------------------------------

...

Resolved! Request for Upgrade Advice on Palo Alto Firewall PA-1410

Dear Palo alto network Team,
I hope this message finds you well.
We are currently running a Palo Alto Firewall PA-1410 with software version 11.2.3 and are planning to upgrade to a newer version. After checking the available software versions, we have

...

Software list.PNG
Ploalto_Version.png

preferred PAN-OS software versions table

HI, dear PaloAlto team,

 

Why has the preferred PAN-OS software version table been changed? The previous view was much better, because it allowed to select the preferred software version and schedule changes....
Now there is only one preferred version

...

Resolved! Geo Location A1 disapeared

We've been using source region A1 (anonymous IPs) as source in a block rule for over an year. Today, while validating an unrelated change, we came across a validation error stating "Source 'A1' is not an allowed keyword."

Panorala and Firewalls are a

...

Dynamic ports to Static

Hi Team,

 

I'm trying to configure the Dynamic ports (49152-655355) to static 37001 . We have destined server which is sending dynamic ports to establish the link and data exchange.

what is best option to have this hardening.?

Resolved! Error during Commit operation

Hello,

 

if you encounter this while performing a commit:

Error: Certificate 'XXX' failed to load: parse tbs certificate dn failed
Error preparing global objects
failed to handle CONFIG_UPDATE_START

 try these commands in the CLI:

debug dataplane reset...

Resolved! WEBUI Session Timing Out

Hello,

On my PA-820 I started getting the idle timeout message below:

"Your login session has expired and you have been logged out for security reasons. Please log in again if you wish to continue."

Normally this was never an issue and I simply logge

...

RH747 by L2 Linker
  • 14128 Views
  • 19 replies
  • 0 Likes

Resolved! Palo Alto Software Visio files

Hi all,

 

I am looking for the Visio stencils for PAN Azure deployments. There was one floating around that contained all the Azure deployments etc which was really useful. I think it was for Cyberforce members only but I can't seem to find it.

 

htt

...

Resolved! Device Certificate fetch failure

Version : 10.1.6-h3

Issue/ Error log : Failed to fetch device certificate. Failed to send request to CSP server. Error: No OCSP response received(dest => 35.222.13.89)

Tshoot : Generated OTP over support portal but no option for me to key in the OTP

...

VLim by L2 Linker
  • 42958 Views
  • 14 replies
  • 0 Likes
  • 24171 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels