This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4431 Views
  • 0 replies
  • 0 Likes

Resolved! Global Protect - split tunnel catching too much

Global Protect is working great, but we're seeing too much traffic inside the tunnel and subsequently dropped on the DC firewalls.We're using split tunnel with specific routes and a couple of include and exclude domains. However, we're seeing completely unrelated traffic tunnelled through the VPN. Where do we even start with troubleshooting this...

dmgeurts by L2 Linker
  • 2159 Views
  • 3 replies
  • 0 Likes

Decryption Profile

I modified existing decryption rules to add a decryption profile to each of them. In the profile, I have "Block sessions with untrusted issuers" checked. I'm finding sites with well-known trusted certificates are being blocked due to this. My understanding is Palo has a very limited certificate store. What's the best/most common way to han...

MTU issues over SD-WAN

Looking for feedback around MTU sizing over SD-WAN. We have deployed firewalls with SD-WAN and are recieving feedback pxe boot for imaging pcs over the network is no longer working. It appears the MTU is larger than 1500 and is being dropped.The images are stored on an SCCM server. Any experience/suggestions how to handle this?

clewis1 by L3 Networker
  • 1373 Views
  • 3 replies
  • 0 Likes

Can't access support portal, oddly enough

I try to log into the support portal, and it takes my creds and MFA, and then gives me: "An unexpected error has occurred. Please contact support." (The irony is not lost on me.) I can't call, because the automated support line is expecting me to have a physical device, which I don't. Has anyone else had this experience?

CSchelin by L1 Bithead
  • 3265 Views
  • 4 replies
  • 1 Likes

DR Panorama facing issue with the login when performing failover from DC to DR

Dear Team, One of our customers is using Panorama for both their DC and DR locations. When the DC Panorama is active, they are able to log in successfully to both the DC and DR Panorama. However, when a failover is performed and the DR Panorama becomes active, they face an issue logging into the DR Panorama, even though the same credentials work...

john64 by L0 Member
  • 753 Views
  • 1 replies
  • 0 Likes

GP portal login page remains unavailable after unblocking IP

Dear community! I have configured a vulnerability profile to make use of threat ID 40017 in order to prevent brute force attacks on globalprotect portal page. Followed this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClJ2CAK It works well but once the offender IP has been blocked, if I remove the IP fro...

Carracido by L4 Transporter
  • 834 Views
  • 1 replies
  • 0 Likes

TSF file

I want to create a case, but tits mentioned upload a TSF file and its mandatory. the problem is I cant even log into the device to get a TSF file ( thats why I am creating a case for them). Any solutions ?

Decrypt Error When Connecting to GlobalProtect via 3rd Party Office Network

We have a user currently working from a 3rd party remote office for a project. When connected to the 3rd party's local network and then to GlobalProtect VPN, the user is unable to access any websites. Our logs indicate a decrypt error occurring during this process. Interestingly, when the same user connects to GlobalProtect using a mobile hotspo...

PA-VM-KVM-10.2.5.vm_eval not accepting username/password

KVM series (PA-VM-KVM-10.2.5.vm_eval) PANGFW evaluation copy on my laptop running GNS3 on top of VMware workstation. 2024-09-24 09:09:11.345 -0700 Error: sysd_construct_sync_importer(sysd_sync.c:360): sysd_sync_register() failed: (111) Unknown error code2024-09-24 09:09:12.347 -0700 Error: sysd_construct_sync_importer(sysd_sync.c:360): sysd_sync...

Technical Inquiry – Does PA-400 Series Support USG/BSG Functionality?

Dear Palo Alto Networks Support Team, We are evaluating the PA-400 Series (including PA-410, PA-415, etc.) for use in an industrial SCADA application that is subject to critical cybersecurity requirements, particularly those set by our national utility authority. Specifically, we would like to clarify the following: Does the PA-400 Series suppo...

huulamid by L0 Member
  • 1697 Views
  • 2 replies
  • 0 Likes

STATIC NAT NOT WORKING

Please consider below topology in which PC-1 - 3 are connected to Cisco Switch and having a gateway 192.168.1.1 configure on firewall. Firewall rule is any any and all the PC can ping the IT PC with actual IP. Now I want to deal with the scenario where all the PC-1 to 3 need to be statically translated to the IP in IT range which is 172.16.100.1...

Him143u_1-1749663293591.png
Him143u by L0 Member
  • 1049 Views
  • 2 replies
  • 0 Likes

Support PAN-OS Software Release Guidance

The change to the Support PAN-OS Software Release Guidance are useless for anyone not on the preferred release. I dont need to know what the current preferred release is. i can get that on the PAN in the software section and setting a checkmark How do we get back the complete list of releases including Hot fixes and new releases. due to issues t...

Now We are Available between 3.00 PM TO 5.00PM EST._reschedule the call

Hi Bharath, Thank you for reaching out and attempting to connect via the Zoom meeting for support ticket ####I apologize for missing the scheduled call. Would it be possible to reschedule the call? Now We are Available between 3.00 PM TO 5.00PM EST. Please let me know a convenient time, and I'll make sure to join. Looking forward to reconnecting...

Panorama Commit Logs with Description

How do you retrieve Panorama Commit Logs that also contain the 'Commit Description' field that gets populated? Its viewable in the 'Task Manager', but would like to pull a list from Panorama.

GMasanz by L0 Member
  • 2518 Views
  • 3 replies
  • 0 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks