This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Queries on IPv6 to IPv4 Conversion

Can anyone answer and provide the clarification on to the below queries. Does Palo Alto support IPv6-to-IPv4 NAT without a DNS64 server? 2. Does Palo Alto support /128 IPv6 addresses in NAT?

Filter Certain Search Strings using URL Filtering stopped working

We set up a custom URL category proxy-search following the instruction here https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Filter-Certain-Search-Strings-using-URL-Filtering/ta-p/52441This worked fine but recently it has stopped working. Students can now type the search words we block on the list in Google and they can search ...

Bootp

We have discovered a few bootp devices which are unable to get an ip - looks like unsupported with Palo. Anyone have come across this issue and have a suggested work around?

clewis1 by L3 Networker
  • 2885 Views
  • 1 replies
  • 0 Likes

Resolved! XML API for Global Search

Hi All,I am trying to test XML API for global search . I am trying to use for search security rule with given description . ANy help for this.

Resolved! Can this OID notificate the expired certificates for SSL decryption and Global Protect?

Hi, I found the below OID in SNMP Trap.Can this OID notificate the expired certificates for SSL decryption and Global Protect? https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBfzCAG ====panCryptoCertExpiryTrap .1.3.6.1.4.1.25461.2.1.3.2.0.100 Certificate expired==== Best regards,MasaW

MasaW by L2 Linker
  • 1360 Views
  • 1 replies
  • 0 Likes

Website Filtering Dillema

Good morning, I've got a situation where some students are going to an inappropriate gaming site that also bypasses the content filtering I have in place and allows access to some adult content, this is one of the websites: https://friv2025.com, the issue I'm having is I can block this particular URL, but all they need to do is change the year i...

buppd96 by L0 Member
  • 1306 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect - split tunnel catching too much

Global Protect is working great, but we're seeing too much traffic inside the tunnel and subsequently dropped on the DC firewalls.We're using split tunnel with specific routes and a couple of include and exclude domains. However, we're seeing completely unrelated traffic tunnelled through the VPN. Where do we even start with troubleshooting this...

dmgeurts by L2 Linker
  • 1971 Views
  • 3 replies
  • 0 Likes

Decryption Profile

I modified existing decryption rules to add a decryption profile to each of them. In the profile, I have "Block sessions with untrusted issuers" checked. I'm finding sites with well-known trusted certificates are being blocked due to this. My understanding is Palo has a very limited certificate store. What's the best/most common way to han...

MTU issues over SD-WAN

Looking for feedback around MTU sizing over SD-WAN. We have deployed firewalls with SD-WAN and are recieving feedback pxe boot for imaging pcs over the network is no longer working. It appears the MTU is larger than 1500 and is being dropped.The images are stored on an SCCM server. Any experience/suggestions how to handle this?

clewis1 by L3 Networker
  • 1305 Views
  • 3 replies
  • 0 Likes

Can't access support portal, oddly enough

I try to log into the support portal, and it takes my creds and MFA, and then gives me: "An unexpected error has occurred. Please contact support." (The irony is not lost on me.) I can't call, because the automated support line is expecting me to have a physical device, which I don't. Has anyone else had this experience?

CSchelin by L1 Bithead
  • 3190 Views
  • 4 replies
  • 1 Likes

DR Panorama facing issue with the login when performing failover from DC to DR

Dear Team, One of our customers is using Panorama for both their DC and DR locations. When the DC Panorama is active, they are able to log in successfully to both the DC and DR Panorama. However, when a failover is performed and the DR Panorama becomes active, they face an issue logging into the DR Panorama, even though the same credentials work...

john64 by L0 Member
  • 723 Views
  • 1 replies
  • 0 Likes

GP portal login page remains unavailable after unblocking IP

Dear community! I have configured a vulnerability profile to make use of threat ID 40017 in order to prevent brute force attacks on globalprotect portal page. Followed this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClJ2CAK It works well but once the offender IP has been blocked, if I remove the IP fro...

Carracido by L4 Transporter
  • 798 Views
  • 1 replies
  • 0 Likes

TSF file

I want to create a case, but tits mentioned upload a TSF file and its mandatory. the problem is I cant even log into the device to get a TSF file ( thats why I am creating a case for them). Any solutions ?

Decrypt Error When Connecting to GlobalProtect via 3rd Party Office Network

We have a user currently working from a 3rd party remote office for a project. When connected to the 3rd party's local network and then to GlobalProtect VPN, the user is unable to access any websites. Our logs indicate a decrypt error occurring during this process. Interestingly, when the same user connects to GlobalProtect using a mobile hotspo...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks