This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 2182 Views
  • 0 replies
  • 0 Likes

Resolved! Shared Security Policy Rules

When you have multiple device groups, are you able to create shared security policies?  When I try to select shared and create a security policy rule, the zones are blank.

 

Only workaround I can seem to find is create a security policy in one device g

...

ce1028 by L4 Transporter
  • 5511 Views
  • 2 replies
  • 0 Likes

PBF policy match works in CLI but hangs in the GUI

Hi,

 

Came across an issue where a PBF policy match works in the CLI, but not in the GUI. When you run the test in the GUI it just hangs. The PBF rule is working as expected in production, its just the test in the GUI that seems to fail. Anyone come ac

...

BenPrice_0-1635901518208.png
BenPrice_1-1635901757751.png
BenPrice_2-1635901890382.png
BenPrice_3-1635901946304.png
Ben-Price by L4 Transporter
  • 2167 Views
  • 1 replies
  • 0 Likes

Globalprotect Smart Card configuration

So my company is working to setup a new PKI infrastructure with smart card logins for the users. I have looked at all the 2FA and associated articles about setting up the VPN but it leaves a lot to the imagination. I followed the steps creating the c

...

j.bartha by L1 Bithead
  • 7443 Views
  • 4 replies
  • 1 Likes

Resolved! Ping an IPv6 Link local address

Hi,

 

Is it possible to ping a IPv6 link local address from a Palo Alto firewall? If so, what is the syntax on the firewall CLI?

 

I know other platforms allow you to define an outgoing interface when pinging a link local address, but this doesn't look t

...

Ben-Price by L4 Transporter
  • 5976 Views
  • 3 replies
  • 0 Likes

Captive portal palo alto issued with chrome

Hi all

I use captive portal on palo alto just zone Lan to internet and found issued about chrome

My client have window 7,8 and palo version 8.1

Test on firefox need open firefox and click to option for login to internet

But on chorme not option for click

...

Migration FROM PA-850 to PA-3220

Dear:

Good afternoon, what is the best migration option from a Palo Alto PA-850 to a PA-3220.

 

Thinking for example to be able to keep the self-signed certificates in the PA-850, used for Global Protect.

 

Based on your expertix and experience, what is t

...

Metgatz by L4 Transporter
  • 2291 Views
  • 1 replies
  • 0 Likes

Resolved! Custom URL category *.github.com not matching/working

I read some posts here about the best way to allow github to only *.github.com IPs and I can't seem to find an easy way to do it. 

 

If I do it this way:

 

 

Source IP – on-prem networks Destination - Any APP ID/Service – github/ssh/ssl/web browsing URL c...

drewdown_0-1635537126636.png
drewdown_1-1635537211464.png
drewdown by L4 Transporter
  • 8833 Views
  • 4 replies
  • 1 Likes

Commit Lock

Hey all,

Has anyone found a way for a non-superuser to remove a commit lock?

I'm aware the official line still seems to be only a superuser can remove the lock, and this is definitely the case in PANOS 9.0 but hoping there might be a way to have this a

...

SARowe_NZ by L3 Networker
  • 2757 Views
  • 1 replies
  • 0 Likes

VM Series validation Failed

where to check to troubleshoot the VM Series issue, as we are getting errors for the VM Series Plugin validation Failed. Please suggest if there are any specific logs or packet capture we have to look into.  

 

Error : - Resource-mgr-endpoint is invail

...

VM Series Plugin.png
  • 24253 Posts
  • 119 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks