General Topics

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Minemeld crashes every few days

Hi there,

I'm pretty sure we've installed everything correctly and things are largely working well but every few days the system stops functioning and we need to uninstall Libtaxii and PYTZ.

Then we reinstall the correct versions 1.1.111 and 2017.2

...

Palo Alto Stopped taking New Policy Traffic.

We recently upgraded the Palo Alto version to 9.1.7 on our physical hardware 3200 series. After 02 days we notice that before upgrade all policy rules and NAT works fine. However, The NAT and policy which we created after the upgrade not working. Not

...

redist route from bgp to OSPF is sending more than the default route

When we turned up BGP in the Palo with ExpressRoute, we started to receive 4 subnets from Microsoft.

The customer found that these subnets are being leaked into the Extreme Fabric through the OSPF adjacency to the Palo’s, where only Default route sh

...

Resolved! Is the feature available for email reporting on getting the Threat log for every 15minutes on firewall

Hi Team,

Greetings!!

I have a query, whether there is a feature for generating an automatic Threat log report for every 15minutes.

While checking with the firewall end i could find only for a day that is last working day alone and so on and so forth.

Is

...

Issue with GlobalProtect after Upgrade

Hello,

We're currently experiencing some issue with several clients that are trying to upgrade their client.

They're moving from 2.3 to 5.1. Sometimes, the client cannot connect at all (clicking on connect button from gp client but nothing is happenin

...

Resolved! HA2 Options

What is the advantage of using the HSCI port for HA2 as opposed to using one or two data ports?

Would a QSFP-40G-CR4 be compatible with the HSCI port?

Or a SFP-H10GB-AOC5M? SFP-1000BAS?

Question about multiple filters in a User-ID Syslog Parser

Greetings all,

I noticed that the syslog parser for User-ID allows you to enter multiple filters for each server... does anyone know how adding multiple filters of the same type (login for example) will work? I see there is a way to move the filters

...

Client ip pool grayed out

Hi,

Why Client IP Pool in gateway level is grayed out ???

OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top threats in Daily reports

I consistently get OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top Threats in Daily Reports.

What does this mean? am I getting attacked? is it reporting a vulnerability in devices?

At what level should I be concerned with this?

Wrong HIP match

Dear All,

issue:

I have the firewall 5220 with PAN-OS 10.0.3 and I am facing an below issue:-

As GlobalProtect 5.2.6 is released with support for OPSWAT v4 only while OPSWAT v3 is discontinued starting from 5.2.6, I tried to test it on a few machines.

...

Resolved! Captive Portal Redirect Issue

Hello! Quick question:

I have captive portal set up for one zone and it works well, where my captive portal "redirect host" ip is in the same zone/subnet as my users who need to authenticate. But I'm needing to expand this so that users from several

...

Prevent OSPF routing loops - Area 0

Hello,

We have a PA5050 with a couple of VRs.

VR1 is the main VR with interfaces into the main customer networks, internet access and a 3rd party link

VR2 is for GlobalProtect clients and a separate internet link for the GlobalProtect Portals/Gateway

...

GlobalProtect: Existing user session..?

Hi all.. I'm sure this will be a simple question to answer, but I can't find any explanation. In the following snip from our GlobalProtect traffic log on a PA200:

12/23/2014 17:142/23/2014 17:14GlobalProtect gateway user login succeeded. Login from: ...

Understand App_overrride

Hi,

We did a change from another vendor to PA. We realise that backups (vmware) were transferring very slow. So we created a app_override in order to avoid L7 in this VMware traffic. After that the spped for backpus got better.

So i have several qesti

...

Resolved! ssl inbound inspection

Hi community,

Will PA support inbound ispection if key exchnge mechanism is DHE/ECDHE ?.

i hope PA wont be proxying inbound SSL connection. whether PA changed this behaviour from any versions?

is there is a way to configure PA as proxy( we have server

...