General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Terminal Server doesn't work with Microsoft applications

Hi guys,

We faced an issue where users' traffic related to office applications from a system, on which Terminal Server is installed, gets dropped by the firewall due to the unknown source user. We are using Terminal Server Agent as the means of user i

...

AWS Tunnels Down when We make a Failover

Hello everyone,

I have observed that when a failover occurs on an active/passive cluster the IPSEC tunnels to AWS all go down and take a time to recover.

I have verified that the traffic goes down and does not communicate for a time of about 5-10 min

...

Resolved! Flexible vCPU VM Firewall interfaces are down

Hi,
I have a problem with bringing up interfaces on a VM firewall running with this configuration:

vm-license: VM-SERIES-2

vm-cap-tier: T1-5GB

vm-cpu-count: 2

vm-memory: 5061728

vm-mode: VMware ESXi

sw-version: 11.1.4-h13

show interface hardware

to

...

Releases guidance

Hello, why I lost access to software releases guidance page? I receive a access denied error

Static Routing across Site to Site VPN with many remote subnets

Relatively new to Palo and I feel like I've spent hours searching with no answers so, if this is a completely basic topic, please feel free to point it out.

I'm migrating a dozen or so firewalls from FortiGates to Palo PA-445 (using Panorama). M

...

PA-440 Recommended o.s version

Hi All,

kindly advice on the recommended O.S for PA model 440

thanks,,

Resolved! Management and Dataplane on Vsys

Hello Everyone, I have a question.

When using virtual systems, how are the management and dataplanes split?

Is the management plane shared between VSYS and Dataplane separated? Or are both the same for all VSYSs?

Qs about bidirectional NAT offerings

I am looking for a router/firewall with the following specs:

at least 10 1Gb ports
supporting bidirectional NAT
compact

Can someone point me to PA products which would meet these very loose specs? Not sure if every PA device supports it.

Resolved! Site flagged as GRAYWARE (PLEASE HELP!!!)

I have detected that my website a64.in has been marked as grayware and it must be a mistake.

It is a very simple website that host my blogs that has no advertising.

I have checked everything on the server and updated plugins. All the malware tests

...

Palo Alto 5280 Firewall

Hello everyone. I'm new to the Palo Alto community. However, I have a question. Does anyone have any documentation on configuring BGP routing on a Palo Alto 5280 firewall?

Resolved! Management interface woes

I only have fiber available at the firewall location. I am using the inside interface to do management (port 13). I have configured a management profile and am able to HTTPS, SSH, and PING to that interface.

I have also configured the Service Route

...

Upgrade DCs to W2019 stop working Palo Alto agentless

Hi,

We upgraded all ours DCs to W2019server and now the Palo Alto can not monitor the users. We use Agentless UserID.

So how can we fix it?

Engagement Points Guide

Hi, please can you help me find the Palo Alto Engagement Points Guide - for partners.

Resolved! Unable to download the new version

Hi All,

Getting below error while downloading the image.

Operation

Download

Status

Completed

Result

Failed

Details

Successfully downloaded
Preloading into software manager
Error: Image File Authentication Error
Failed to load into software ma

...

Assistance with 100Gb load testing on a PA-5450

We have a spirent connected directly to a PA-5450 to do load testing on the 100Gb ports. The PA5400 has two NC cards (Slot 1 & 2) and then 4 DPC cards (slot 3-6). The docs show that NC1 is logically mapped to DPC3, and NC2 is mapped to DPC4. But t

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Terminal Server doesn't work with Microsoft applications

AWS Tunnels Down when We make a Failover

Resolved! Flexible vCPU VM Firewall interfaces are down

Releases guidance

Static Routing across Site to Site VPN with many remote subnets

PA-440 Recommended o.s version

Resolved! Management and Dataplane on Vsys

Qs about bidirectional NAT offerings

Resolved! Site flagged as GRAYWARE (PLEASE HELP!!!)

Palo Alto 5280 Firewall

Resolved! Management interface woes

Upgrade DCs to W2019 stop working Palo Alto agentless

Engagement Points Guide

Resolved! Unable to download the new version

Assistance with 100Gb load testing on a PA-5450

Is there any way to apply multiple interface management profiles

THREAT MAP on GUI is unable to export

GlobalProtect Machine account exists with device serial number config

Identifying Source IP Addresses for Routing Palo Alto Firewall Logs to an Azure Collector via IPSec Tunnel

BPA Tool not showing details for issues

Re: CLI - Basic to Advance PAN-OS 11.1

Re: flow_tcp_non_syn_drop - packet capture on this counter?

Re: IP Wildcard Mask Address Objects

UserID periodic empty groups issue

Re: Questions Regarding Output Difference in "show ctd-agent status security-client" Command

Unlock your full community experience!

Resolved! Flexible vCPU VM Firewall interfaces are down

Resolved! Management and Dataplane on Vsys

Resolved! Site flagged as GRAYWARE (PLEASE HELP!!!)

Resolved! Management interface woes

Resolved! Unable to download the new version