General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 1, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

SAML Captive Portal

Hi All,

i'm trying to configure a SAML authentication for captive portal but when i'm trying to export metadata and selecting captivel portal i'm not able to export, it shows no option:

if I try to type an address and click ok the file generated contai

...

Resolved! dhcp client class-id setting

Dear all,

a potential FTTH provider requires a special option for the dhcp client in order to work.

CISCO setting like:

ip dhcp client class-id 100008,0001,Cisco,e02f.6d21.xxxx,15.3(1)T,FCZXXXXXXXX

Is there any change to set the dhcp class-id for the dhc

...

Resolved! want to know options to disable GP connection

Temporary we want to disable test GP setup. Found below options :

* Create deny rule for GP public ip.

or

* remove fqdn/ip of external gateway from GP Portal > Agent

or

Disable Tunnel mode , GP gateway > Agent > Tunnel Settings > Tunnel Mode

Is there any

...

Resolved! Recommended Pan-OS version

I have a 5220 that I am using as core L3 segmentation router for my 500 user environment. Currently running 9.1.3 Pan-OS and What version of PAN-OS is recommended for this scenario. Is it generally advised to install the latest version posted on dev

...

Resolved! Can PA-220 support 3000+ users with one user ID group mapping

Can PA-220 Handle 3000+ users for UserID Mapping and User ID Group Map. Wanting to understand the capacity and efficiency sine we have remote sites which have the PA-220 and need group specific policy for the company divestiture.

PaloAlto TAC support has gone missing

Opened a S2 (high) ticket at 11am ET this morning about panorama in High Availability in suspended mode after upgrading from 9.1.9 to 9.1.10. No response from TAC support after two hours. I called in and have been waiting for over an hour with no o

...

Java Cert error due to decryption?

My organization is in the process of moving from one VPN solution to GlobalProtect. We are seeing several applications being unable to run certain features, or run successfully at all, and the error logs appear similar to this (I say similar because

...

Resolved! Configure Session Timeouts particular source or destination ip in Palo Alto

Can we specify session, session timeout i.e. Keepalive timer for particular source or destination ip in Palo Alto?

In the WebGUI, we will find these settings at Device > Setup > Session, But this settings will be applicable for global setting.

I fou

...

How to allow policy destination by URL

Hello,

I need know how to allow create policy in PA firewall 3020 and add destination as URL name as (microsoft office 365) instead of adding all IP ranges.

Appreciate your help

Thanks

global protect vpn with DUAL ISP

Hi Team,

we have two isp link with ecmp load-balancing enabled. we only have one virtual router setup. we have configured GP vpn portal with one isp interface and how can i configure the GP vpn with second isp link as well. we would like to have two

...