This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES?

Q1, WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES? We can't find a complete pre defined url categories. Now the pre defined url categories have 73 ithems. The KB was not update. Q2, Where can I download/epxort a complete list pre defined url categories. CSV?PDF? https://knowledgebase.paloaltonetworks.com/KCSArticleDeta...

Enable split tunnel for Zoom

Hi We are planning to exclude all zoom traffic from Global protect VPN and currently we are using 4.1.5 GP agent version. I have gone through the zoom documentation and created EDL but not getting option to exclude the EDL (external dynamic list ) in split tunnel >access route >Exclude , Kindly suggest to enable split tunnel for Zoom traf...

Yusuf_PA by L1 Bithead
  • 6815 Views
  • 3 replies
  • 0 Likes

Resolved! 3250 HA setup

HelloI am trying to setup HA on a pair of 3250s and am a little confused between what the datasheet says and what's available. Is there an example out there of how to set the ha1-a and ha1-b ports up. I've only done PA-850s and it appears the 850s have the HA1 and HA2. However, the 3250s have ha1-a being backed up by ha1-b and HSCI as the HA2. I...

MGMT interface routing questions

When I configure the mgmt interface on its own network and I use the PA for routing, do I need to setup a static route to access the HTTP interface from a different network? Or does a service route take care of this automatically? I have an HA active/standby pair, do service routes need to be configured on each device?

Microsoft Intune Out of Box Experience and Autopilot Hybrid AD Join

We are in the development phase of deploying a large number of new laptops to our user base. Due to the current circumstances with COVID and the changes we have made for out employees we would like to allow our users to receive the devices directly and utilize Intune for the deployment along with GlobalProtect pre-logon functionality. We curren...

Restrict Access to WAN Network PANOS9.0.x

Hi, We're looking to restrict access to our network in AWS on the other side of an S2S VPN. From the research i've done it looks like i can set up restrictions on the tunnel using User-ID and Captive Portal. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/user-id/enable-user-id.html and https://docs.paloaltonetworks.com/pan-os/9-0/pan...

MP2021 by L1 Bithead
  • 2679 Views
  • 2 replies
  • 0 Likes

PANOS 10.0.6

Hello, team One of my client want to know the stable version of PANOS there current one is 9.1.5 I suggested them with min apps threat Global protect user-id version and suggest the PANOS 10.0.6 After that the client send me the issue below. The PANOS 10.0.7 is under Monitoring please let me if there is any solution for this. PAN-154433 issue id...

Office 365 URL Filter

Hi, New to Palo Alto so might be an easy solution. Im trying to set up URL filtering to allow Office 365. Ive test the object and policy with other websites such as bbc.co.uk and sky.com so i know my policy works, however, when i add the office 365 URLs from https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?vie...

Resolved! Block android devices and iphones

Hello Guys, I have been through process of blocking a group of devices in VPN and gateway side.I could block the windows devices usin the Machine-GUID but still unlucky in blocking phones "Android and iphones"regarding the ANdroid phones I used the Android ID provisioned from phone but still unlucky and phone still able connect.ho...

PA VPN Authentication Via Ldap

Dear Team, I have one scenario while connecting GP with LDAP user will get the IP address then the user is trying to connect internal server the traffic will go through the cisco FTD. the issue is that once traffic will pass Paloalto then we checked in he Cisco FTD the user and IP address we are getting only management IP address and service ac...

Recommendation for creating exception rule for network traffic intended for Netsuite.

Hello, I have a Next Gen PA firewall and I am looking for suggestions on creating an exception rule for traffic intended for the Netsuite cloud. I looked up the Netsuite documentation and they recommend creating '*.netsuite.com' in firewalls because their system uses a range of dynamic IP addresses to accommodate the various Netsuite services. S...

ColinT by L0 Member
  • 3257 Views
  • 1 replies
  • 0 Likes

Resolved! Constantly receiving this error - SYSTEM ALERT : high : l3svc: Exited 4 times, waiting 1890 seconds to retry

Hi,I have a client that was receiving the below error occasionally (every 2 weeks or so).'SYSTEM ALERT : high : l3svc: Exited 4 times, waiting 1890 seconds to retry'The client was on PAN OS 9.1.3 and then updated to 9.1.7 and now the error is appearing constantly. The l3svc daemon is in a stopped state and a restart brings it back to a running s...

Ben-Price by L4 Transporter
  • 6176 Views
  • 4 replies
  • 0 Likes

Resolved! Blocking most of the world using the negate source

Based on this doc - https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-policy/create-a-security-policy-rule.htmlI want to create a policy that blocks all traffic from every country but the US, Canada, UK and Netherlands. In order to do that, I add to the source those 4 countries and then select the negate box. Seems simple...

JPhilip by L1 Bithead
  • 13290 Views
  • 5 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks