This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4231 Views
  • 0 replies
  • 0 Likes

PAN Security Advisory (11-AUG-2021)

Thought I would just put this notice out since I know a lot of people don't actually subscribe to security advisories directly. If you haven't already, I highly recommend that you sign up for notifications via https://security.paloaltonetworks.com/ and the 'Subscribe' feature at the top right.As a general statement, you should ensure that you ar...

BPry by Cyber Elite
  • 4016 Views
  • 3 replies
  • 1 Likes

User id not fetching for same ip in traffic logs.

User id not fetching in traffic logs.we created user base rule on that basis mapped ip address shows user id for same rule .but some time user is not authenticated from that user base policy rule and it is moving from next any any rule. if it is moving from any any rule that time it is not showing user-id mapping.

SurajN by L2 Linker
  • 2071 Views
  • 1 replies
  • 0 Likes

Resolved! DNS external Global Protect

Good afternoon:I hope you can help me with this, thank you very much in advance.I have Global Protect configured as follows:GP: IP pool 172.16.11.0/24Split-tunnel Include: 192.100.11.0/24 ( Corporate LAN )DNS assigned Global Protect: 8.8.8.8.8 and 4.2.2.2.2Home LAN: 192.168.1.254 Gateway/DNS Home LAN: 192.168.1.254 The connection works and opera...

Metgatz by L4 Transporter
  • 7729 Views
  • 5 replies
  • 0 Likes

Multiple domains on PA

Hello , We have integrated already the AD ( 3 Servers for redundancy)The User id we are using is the default one which is on the PA FW The domain is abc.nl . The setup is working . Now we are building an entirely new domain called abc.es . migration may take time There is no trust and the forest is different . So is it possible to have two...

Possible to disable SSH CBC cipher and weak MAC hashing?

Hi, May I check if it is possible to disable SSH CBC cipher and weak MAC hashing on Palo Alto Firewall?If so, may I know how to do it. Had no luck searching for a solution online.Seems like there is no menu/config file (e.g. /etc/ssh/ssh_config) to edit such settings. This is with relation to Nessus vulnerability findings.Try to see how it can b...

boss82 by L0 Member
  • 17091 Views
  • 3 replies
  • 0 Likes

IPsec tunnel doesn't show IKE gateway selected from drop down list

Hi All, Hope you are doing good. I am running PA-8.1.0 on on VM and creating a tunnel with Cisco router. I completed all configuration on PA end. But when i go into ipsec tunnel, i can't see Ike gateway selected. I re-select it and then commit the changes but again go to ipsec tunnel, it still shows not selected. Is this related to any bug or s...

ankda18 by L0 Member
  • 7318 Views
  • 8 replies
  • 1 Likes

/dev/shm filling up after 10.0.6 firmware

TMPFS partition /dev/shm on the VM series PAN. Typically this is cleared on reboot but after upgrading to 10.0.6 its failed to clear the space on system reboot. We have looked at the other drives on the PAN are there seems to be no capacity issues other then the tmpfs /dev/shm location at 97%. Can you please confirm whether this is expected on l...

WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES?

Q1, WHERE CAN I FIND A COMPLETE LIST OF PAN-DB URL FILTERING CATEGORIES? We can't find a complete pre defined url categories. Now the pre defined url categories have 73 ithems. The KB was not update. Q2, Where can I download/epxort a complete list pre defined url categories. CSV?PDF? https://knowledgebase.paloaltonetworks.com/KCSArticleDeta...

Enable split tunnel for Zoom

Hi We are planning to exclude all zoom traffic from Global protect VPN and currently we are using 4.1.5 GP agent version. I have gone through the zoom documentation and created EDL but not getting option to exclude the EDL (external dynamic list ) in split tunnel >access route >Exclude , Kindly suggest to enable split tunnel for Zoom traf...

Yusuf_PA by L1 Bithead
  • 6917 Views
  • 3 replies
  • 0 Likes

Resolved! 3250 HA setup

HelloI am trying to setup HA on a pair of 3250s and am a little confused between what the datasheet says and what's available. Is there an example out there of how to set the ha1-a and ha1-b ports up. I've only done PA-850s and it appears the 850s have the HA1 and HA2. However, the 3250s have ha1-a being backed up by ha1-b and HSCI as the HA2. I...

MGMT interface routing questions

When I configure the mgmt interface on its own network and I use the PA for routing, do I need to setup a static route to access the HTTP interface from a different network? Or does a service route take care of this automatically? I have an HA active/standby pair, do service routes need to be configured on each device?

Microsoft Intune Out of Box Experience and Autopilot Hybrid AD Join

We are in the development phase of deploying a large number of new laptops to our user base. Due to the current circumstances with COVID and the changes we have made for out employees we would like to allow our users to receive the devices directly and utilize Intune for the deployment along with GlobalProtect pre-logon functionality. We curren...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks