This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4440 Views
  • 0 replies
  • 0 Likes

Resolved! Installing a new cert

For Global Protect I currently have a server cert on my PAN 3220. When i imported it it had the entire chain - root, intermediate and the server cert. That server cert is now nearing expiration. I gave our cert manager a CSR from the PAN and I now have the new .PEM formatted server cert with longer expiry and the chain which includes the root an...

palomed by L3 Networker
  • 2449 Views
  • 1 replies
  • 0 Likes

PRISMA SD-WAN

Is Palo Alto dropping support for PRISMA SDWAN? A lot of the older but detailed CG branded docs are gone, but there are no new Palo Docs to replace them? I'm interested in implementing the Cloudblades, and all the site links take me in a loop of marketing material, and explanations of how great it is, but I can't find one doc that even list ...

4cls by L0 Member
  • 2642 Views
  • 1 replies
  • 0 Likes

Where do you get additional threat feeds from

Hello All,Just curious as to what additional threat feeds you use to ingest into your PAN. Here are some of the ones we use:Threat intelligence blocklistshttps://talosintelligence.com/documents/ip-blacklisthttp://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txthttp://panwdbl.appspot.com/http://www.spamhaus.org/drop/drop.txthttp://www.spa...

FQDN URLs that change IP addresses quickly

PA-3220 Active/Standby Pair10.0.8-h8 We have a URL we tried adding to a negate policy for inside to outside decryption. This resolves the ability to pull credit reports into our core financial system. However the problem is still intermittent. Its added as an FQDN object. Here's the thing, If I do an nslookup or go to digwebinterface.com and ...

ksauer507 by L3 Networker
  • 7297 Views
  • 5 replies
  • 0 Likes

Problem with Wildfire Registered Server busy or error

Hi team,We have detected loss of connectivity to wildfire, We have followed the following link but the problem persists https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oMCYCA2Model PA-3220Version 9.0 Does anybody know what could be happening? Thanks so much

Alpalo_1-1644248096348.png
Alpalo by L4 Transporter
  • 2666 Views
  • 2 replies
  • 0 Likes

Firewall Failure

Hello guys, last week i have experienced something very weird.I have two PA-3220 in HA Active/Active. They were working properly and all of the sudden, the Active-Primary stopped working (all the interfaces went down except the management interface, all the led ports went also down except the Power led which was green. i was able to ping the man...

Multiple access domain/role to one user using Radius/ISE

Hi everyone,I have a scenario that i have two differents access domains and one user can access both, but one with read only permissions and another with write permissions.I cant create users manually and select AD / ROLE because the idea is that the control is centralized in RADIUS / ISE. In the example below, when i loggin in the Panorama i ca...

FernandoAraujo_0-1596370707473.png
FernandoAraujo_1-1596371038825.png

Resolved! Advanced URL Filtering - help me understand it please?

Hello all,I have the regular PAN-DB URL filtering and was considering the Advanced URL filtering. From what I understand after reading the documentation, if the PA URL DB recognizes a URL as risky, it sends it to the Advanced URL DB in cloud for real time analysis. Without the advanced URL feature, I'm open to a zero day attack because the URL d...

roma by L2 Linker
  • 3622 Views
  • 2 replies
  • 0 Likes

Any Issue on Customer Support Portal?

Hello.I currently cannot login CSP with Server Error, while I need to verify something urgently.Calls are on hold for a long time, never getting through. Does anyone have any information of system trouble or something in CSP?

YukaSato by L0 Member
  • 2003 Views
  • 1 replies
  • 0 Likes

Is it recommended to use Loopback interface as a source in path monitoring ?

Hi, I am trying to configure a path based monitoring for a static route on a virtual router X, now on the VR X, there is multiple interfaces, is it usually recommended to use one of the interfaces IP address as a source address for the monitoring rule when pinging google or better to create a loopback on that VR and use that instead. Thanks.

bambox by L1 Bithead
  • 2944 Views
  • 1 replies
  • 0 Likes

GlobalProtect + Mac

Hello. I have macos monteray 12.2.1 and GlobalProtect 5.2.6-87 All the traffic is not going in to the tunnel. Some still goes on the normal network outside of the VPN. Is there any setting in systems settings on the Mac that I have to allow for the software to route all the traffic?

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks