This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

Resolved! Radius - Issue Invalid Username/Password

Hi Everyone,

 

I firstly want to thank to whomever takes their time to read this post, and provide me with some further insight.

 

To get into it.

 

I am attempting to configure RADIUS for Admins on my VM running 10.0.7, in which is pointing towards a Wind

...

InkedFail Auth_LI.jpg
InkedService Route RADIUS_LI.jpg
InkedRADIUS PA_LI.jpg
Auth Prof.PNG

Resolved! Issues with SSL Forward Proxy in Lab Environment

Hi!

 

I've recently been trying to setup decryption on my PA-220 in a lab environment and have not been able to get it set up correctly so far. It is licensed, up-to-date, and currently running 8.1

 

 

The steps that I've taken so far are to setup a decry

...

decryptionpolicy001.png
decryptionpolicy002.png
decryptionpolicy003.png
decryptionpolicy004.png
benball by L0 Member
  • 3245 Views
  • 2 replies
  • 0 Likes

Secure connection for firewall web GUI

Hello,

I want to make a secure connection for the firewall GUI access. therefore I perform the below task:-

 

I imported the wildcard certificate in the firewall and the same certificate attached in SSL/TLS profile ( This is 3rd party certificate get by

...

Jafar_Hussain_0-1635421220462.png

Session Agged out in logs

Hi Team,

 

need your support on my issue aged out and incomplet application for port 1433.

However, the policy is allow.

Need how to fix this..

Same subnet other two IPs working find ,But one of the IP is agged out

Resolved! PAN URL DB not getting update.

Hi Team,

 

I have 3 firewalls in my different loctions, All 2 firewall URL Update version is up to date. Only one firewall is a lower version. 

 

Also, I identified lower version firewall having a different update server when I checked the show url-cloud

...

VishnuPS by L3 Networker
  • 41694 Views
  • 20 replies
  • 0 Likes

Resolved! End-of-Life Date 8.0 - October 31, 2019

Hi, 

I found, what End-of-Life Date for PAN-OS 8.0 is October 31, 2019

https://www.paloaltonetworks.com/services/support/end-of-life-announcements/end-of-life-summary

 

We are using version 8.0.13 with active subscriptions.

1. Will we receive updates (Ant

...

aaobuhov by L2 Linker
  • 8328 Views
  • 5 replies
  • 0 Likes

Resolved! Management interface is down.

I found on my firewall that management interface is not able to communicate with LDAP server and so on. From the GUI it look everything is configured correctly but when I switched to CLI, I found that management interface is down.

Link status: Runti...

Henley by L1 Bithead
  • 6080 Views
  • 5 replies
  • 0 Likes

Resolved! Cannot Access Web Server External Only Internally

Hello,

 

I am trying to deploy a new PA850 and I am unable to access any web servers externally. I can access internally using the public IP using I believe the u-turn policy. Any help would be appreciated Thank You, MJF

Screen Shot 2021-10-29 at 10.14.43 AM.png
Screen Shot 2021-10-29 at 10.15.04 AM.png

Disable weak cipher suite in SSH

I would like to disable weak cipher suite in SSH for over 100+ Firewalls with the following commands.  The firewalls are running in High-Availability (H/A) mode, version 9.1.10:

 

configure
set deviceconfig system ssh ciphers mgmt aes256-ctr
set deviceco

...

dtran by L4 Transporter
  • 5087 Views
  • 7 replies
  • 0 Likes

User mapping not happening properly

We have recently added a user in the server list.

We are able to see the user in LDAP but when it comes to firewall we are not able to see the user in security policy.

When i checked the user with following command

show user ip-user-mapping all | match

...

Resolved! Globalprotect Portal same IP w/ management interface

Hello,

Before setting up globalprotect portal, I could access the management interface using the public IP externally. Once I configured globalprotect portal for VPN, the IP now directs you to globalprotect welcome login page. Which is normal, cause I

...

icap by Not applicable
  • 8796 Views
  • 5 replies
  • 0 Likes

Generated traffic logs showing weird information

I have a VM-500 panos-8.1.18. I am seeing traffic logs with below flags

Session End Reason- policy-deny (means traffic denied as per policy)

Action -Allow ( how can action be allowed when traffic is denied via policy)

Type- deny

 

We also have ssl decrypt

...

How do I set bgp auth-profile secret in XML?

<auth-profile>
<entry name="BGP">
<secret>-AQ==9wW2MMYTyjIArw6U5IgQlTHDTnc=zwKe7XpB+qQLdlenAO8tkg==</secret>
</entry>
</auth-profile>
 
The configuration appears to be encrypted, maybe using the master key or something. Is there anyway to set this in XML c
...

Resolved! IKE Error

In my system logs I'm seeing the following error:

 

"IKE phase 1 negotiation is failed. Couldn’t find configuration for IKE phase-1 request for peer IP x.x.x.226[500]."

 

The bizarre thing is that the tunnel IS working despite this error!!!

 

The reason fo

...

  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Posts
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks