This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4231 Views
  • 0 replies
  • 0 Likes

Restrict Access to WAN Network PANOS9.0.x

Hi, We're looking to restrict access to our network in AWS on the other side of an S2S VPN. From the research i've done it looks like i can set up restrictions on the tunnel using User-ID and Captive Portal. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/user-id/enable-user-id.html and https://docs.paloaltonetworks.com/pan-os/9-0/pan...

MP2021 by L1 Bithead
  • 2741 Views
  • 2 replies
  • 0 Likes

PANOS 10.0.6

Hello, team One of my client want to know the stable version of PANOS there current one is 9.1.5 I suggested them with min apps threat Global protect user-id version and suggest the PANOS 10.0.6 After that the client send me the issue below. The PANOS 10.0.7 is under Monitoring please let me if there is any solution for this. PAN-154433 issue id...

Office 365 URL Filter

Hi, New to Palo Alto so might be an easy solution. Im trying to set up URL filtering to allow Office 365. Ive test the object and policy with other websites such as bbc.co.uk and sky.com so i know my policy works, however, when i add the office 365 URLs from https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?vie...

Resolved! Block android devices and iphones

Hello Guys, I have been through process of blocking a group of devices in VPN and gateway side.I could block the windows devices usin the Machine-GUID but still unlucky in blocking phones "Android and iphones"regarding the ANdroid phones I used the Android ID provisioned from phone but still unlucky and phone still able connect.ho...

PA VPN Authentication Via Ldap

Dear Team, I have one scenario while connecting GP with LDAP user will get the IP address then the user is trying to connect internal server the traffic will go through the cisco FTD. the issue is that once traffic will pass Paloalto then we checked in he Cisco FTD the user and IP address we are getting only management IP address and service ac...

Recommendation for creating exception rule for network traffic intended for Netsuite.

Hello, I have a Next Gen PA firewall and I am looking for suggestions on creating an exception rule for traffic intended for the Netsuite cloud. I looked up the Netsuite documentation and they recommend creating '*.netsuite.com' in firewalls because their system uses a range of dynamic IP addresses to accommodate the various Netsuite services. S...

ColinT by L0 Member
  • 3293 Views
  • 1 replies
  • 0 Likes

Resolved! Constantly receiving this error - SYSTEM ALERT : high : l3svc: Exited 4 times, waiting 1890 seconds to retry

Hi,I have a client that was receiving the below error occasionally (every 2 weeks or so).'SYSTEM ALERT : high : l3svc: Exited 4 times, waiting 1890 seconds to retry'The client was on PAN OS 9.1.3 and then updated to 9.1.7 and now the error is appearing constantly. The l3svc daemon is in a stopped state and a restart brings it back to a running s...

Ben-Price by L4 Transporter
  • 6265 Views
  • 4 replies
  • 0 Likes

Resolved! Blocking most of the world using the negate source

Based on this doc - https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/policy/security-policy/create-a-security-policy-rule.htmlI want to create a policy that blocks all traffic from every country but the US, Canada, UK and Netherlands. In order to do that, I add to the source those 4 countries and then select the negate box. Seems simple...

JPhilip by L1 Bithead
  • 13419 Views
  • 5 replies
  • 0 Likes

google home page not loading when remove "service-https" and leave ssl application

so i have this dual personality thing going on with the PA firewall and am learning, so this might be an easy one. I kind of dont like the requirement to create "application" based rules and then back them up with "service-based" rules. I had this security policy in place and was playing with it: RULEBASE1 (old working rulebase):user2internet a...

anon4all by L2 Linker
  • 3259 Views
  • 2 replies
  • 0 Likes

Resolved! Global protect and Outlook 2016

Recently we observed an issue for users on GP and using outlook.When the GP is etablished and if the user launches Outlook in less than 1 min the outlook throws the error"we are unable to connect right now. please check your network and try again later"The same user once connected to GP and tried to launch post 1 min the outlook works fineI am u...

Pa-2050 hdd broken

Hello , I know that the pa-2050 is no more supported but unfortunately this is what I have.. if someone has the pan-os 7.x so i can change my hdd and recover the system will be very thankful ...

fmasri by L0 Member
  • 2237 Views
  • 1 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks