General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

BGP Session flaps for every 3 minutes - PAN OS

Hi Team,

We have a BGP running over IPSec VPN. The VPN is terminated between PA 5250 and SDN Gateway. The VPN is running fine but the BGP session is flapping for every 3 minutes. Normally this behavior observed due to MTU size detection in during PMT

...

Resolved! Autofocus license

Hi there!

I'd like to know what is the difference between the autofocus enterprise edition vs standard edition? Could anyone help me?
I already searched in Palo alto docs but I didn't find nothing

Best!

Resolved! Custom URL Category override wildcard matches with more specifics?

Is there a way, within the URL Categories, to override wildcarded domain blocks in one category with more specific allows in another category? E.g. we have created custom URL categories for company allowed and blocked domains. I have a wildcarded dom

...

Resolved! Scheduled reboot of device

Hi,

Is it possible to schedule a reboot at a specific time.

I do know there is a manual reboot, but I thought It would make life easier if I could keep a scheduled reboot of the device to a specific time

like at midnight.

Any options via CLI or something

...

PA Firewall 3 Wan

PA Firewall With 3 WAN , Wan 1 (1.1.1.1) , Wan 2 (2.2.2.2) , Wan 3 (3.3.3.3)

we wan three wan have port forward to internal web server ip: 192.168.1.10 port 80

but only response on 1.1.1.1 wan 1 interface , another wan no response on port forward

Global Protect Connection method : Always-on not working on Mobile Apps

Hi Guy ,

I would like to know about the GP connection method: Always-on not working on global protect mobile-apps both android and iOS (iPad, iPhone) is shown about "The network connection is unreachable or gateway is unresponsive" but on Notebook or

...

Resolved! Problems signing in to the support site

I have a PA-220 at home I have a problems signing in to the support site. I get the following message when I want to log in to the support site: An unexpected error has occurred. Please contact support. And of course I can't create a ticket regardin...

Resolved! Can "Decryption Mirroring" forward non-encryption traffic?

I am planning to forward all traffic to traffic collection tool.

As I know there are "Decryption Mirroring" (https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/decryption/decryption-concepts/decryption-mirroring.html) and it will forward the

...

Network segmentation via routers VRFs to Palos VRs and OSPF

Hello everyone and thank you for your answers, I would like to implement segmentation in the data center, we will create VRFs in a Cisco Nexus Core switch and each VRF will have its own OSPF process to peer with a Palo Alto Firewall, all VRF traffic

...

Very weird PanOS upgrade issue

We have a pair of active passive firewalls on PanOS 9.0.11. We have attempted to upgrade to 9.1.10 4 times out of which 2 times was with tech support. Upgrade seems to cause issue with some linux servers which are critical to us. As an example we hav

...

Global Protect version 5.2.8 - issue with Microsoft Defender ATP

Hello

We have a issue with Global Protect, we have upgrade to 5.2.8 and the AV Microsoft Defender ATP is not work properly:

In the last version (5.2.5), there is no problem with AV:

Resolved! Block accessing PA CLI or web interface when work from home via Global Protect

Hi Team,

Usually we are working from office and there is no issue when accessing PA CLI or web interface.

Now when we are working from home and connecting to GP, we still can access and is there any ways to block the access?

If we are not connecting t

...

Miner for salesforce.com

Hi Team,

Can you please advise how to build a miner to map all salesforce.com IP's?

Globalprotect client losing dns intermittently

hello everyone

We have a intermittently issue with GlobalProtect client and the local DNS resolution. We have conigured local dns servers on network services and we have established "Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows

...

Inbound traffic to DMZ issue

We have reports of certain users not being able to access our public website but majority of users are able to. The traffic log shows that the application is incomplete. Packet capture reveals the 3-way handshake does not complete and the session tim

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

BGP Session flaps for every 3 minutes - PAN OS

Resolved! Autofocus license

Resolved! Custom URL Category override wildcard matches with more specifics?

Resolved! Scheduled reboot of device

PA Firewall 3 Wan

Global Protect Connection method : Always-on not working on Mobile Apps

Resolved! Problems signing in to the support site

Resolved! Can "Decryption Mirroring" forward non-encryption traffic?

Network segmentation via routers VRFs to Palos VRs and OSPF

Very weird PanOS upgrade issue

Global Protect version 5.2.8 - issue with Microsoft Defender ATP

Resolved! Block accessing PA CLI or web interface when work from home via Global Protect

Miner for salesforce.com

Globalprotect client losing dns intermittently

Inbound traffic to DMZ issue

License Forms

Does User ID Agent 10.2.4 compatible with PAN OS 11.1.13?

PAN-OS 11.1.13 Predefined reports displaying IPv4 addresses in IPv6 format

Update PANOS to 11.2.3-h3 from 10.2.12-h2

Escalation process for Customer's with Premium Partner Support

Re: PAN-OS 11.1.13 Predefined reports displaying IPv4 addresses in IPv6 format

Re: Does User ID Agent 10.2.4 compatible with PAN OS 11.1.13?

Re: Stale SIP Sessions

Hotspot Shield VPN still works even though traffic logs show deny – Palo Alto Firewall

Support with PA-440 Software

Unlock your full community experience!

Resolved! Autofocus license

Resolved! Custom URL Category override wildcard matches with more specifics?

Resolved! Scheduled reboot of device

Resolved! Problems signing in to the support site

Resolved! Can "Decryption Mirroring" forward non-encryption traffic?

Resolved! Block accessing PA CLI or web interface when work from home via Global Protect