This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Customize Global Protect app/response pages

Hi, I would like to customize portal web GP. The main web where you add your credentials and the enxt web where you can download the client. Is that possible? I saw you can import web for portal GP web in DEVICE-> Response pages, but i would need the current web to edit and customize where can i get it? On the another hand, Is it possible...

BigPalo by L4 Transporter
  • 1141 Views
  • 3 replies
  • 0 Likes

Inquiry Regarding Conversion of Unused PCDRA Voucher

Hi, I would like to inquire if there’s any option to convert my PCDRA exam voucher into a voucher for a different but related certification exam. I currently have a PCDRA voucher, but since the PCDRA exam appears to have been retired, I’m unsure how to proceed or make use of this unused voucher. Any suggestions or guidance on this matter would b...

Resolved! How can I test a ldap server that is healthy or not?

Dear all We need to replace our old ldap server config to a new ldap server on PA firewall and panorama, I want to know if I add a new ldap server config on PA firewall and panorama, how can I test the healthy of the new ldap server? I try to use telnet command to connect the new ldap server's 636 or 389 port, but I found there is no tel...

Resolved! No Valid DNS Security License - Resolved

We did a trial of DNS Security, after its expiration pushes from Panorama failed with warning "No Valid DNS Security License" Did a fair bit of searching, only real suggestion was here, that said to set all DNS Policies to Allow, that did not resolve the warning. Tried setting DNS Signatures to Default, still same commit warning. Poking around...

Resolved! "-base" applications and how they relate to non-base applications

The term "base" makes this impossible to search for because "application-based" and "port-based" shwo up everywhere. I am not finding an answer in any documentation yet. So, please help me clarify. If I specify the application to be one with the suffix "-base" does that mean it includes all the specializations, or does it mean it is only includi...

Odd behavior around ISP Failover with Static Route Path Monitoring

Hi, I had an unexpected situation occur recently with regards to failover behavior on static route path monitoring. We have 3 ISPs, and this past weekend 2 of them went down at different times (hooray). For the purposes of this post, I will be talking about one of them. Interestingly, the path-monitoring worked when the failure event occurred - ...

image.png
ihealey by L1 Bithead
  • 7899 Views
  • 4 replies
  • 0 Likes

Resolved! IPSec VPN not getting any response from peer

Hello, i'm having a weird problem with an IPSec VPN on my Palo Alto. This morning tunnel was working fine, but after mistakenly denying ike and ipsec requests on my firewall, the VPN went down. I obviously did a quick rollback and peer IP is now allowed to request IPSec and IKE. However the VPN won't go up again (other VPN with similar con...

christopheguengant_1-1747859953364.png
christopheguengant_3-1747860298749.png

HIP Check for Machine Certificate

Hello,I've been unable to get my HIP check to work when checking for attributes in a machine certificate. Other HIP checks do work. I'm using my root cert for the Certificate Profile. I don't have/use a intermediate cert as this is a lab. Some of the things I've tried.1. I configured a certificate profile with the root cert.2. Portal > Ag...

Sofware Upgrade broken? "An active license is required for this feature"

I have a bunch of PA440s and some of them cannot be upgraded as I keep getting an "An active license is required for this feature" message when clicking on Check Now under Device > Software. Device is correctly licensed and activated on the support portal, NTP is activated and sync'd. Dynamic Updates can be retrieved from the Cloud but PAN-OS...

pcolomes_0-1653273748081.png
pcolomes_0-1653273908206.png
pcolomes_1-1653273972495.png
pcolomes by L0 Member
  • 24058 Views
  • 13 replies
  • 1 Likes

QOS Not Working Propely

Hi Friends, We have a customer experiencing issues with QoS. After enabling QoS, a noticeable reduction in internet bandwidth was observed. Although QoS was configured correctly, the bandwidth dropped from 25 Mbps to 14 Mbps on a 30 Mbps link.To test this further, we removed the QoS configuration and performed a speed test using an online tool...

Virtual routers Impact

Hi Team, if we create extra virtual routers does it impact CPU/RAM utilization i paloalto?Also do we need manually assign CPU/RAM allocation for newly creating virtual routers in paloalto ?

Resolved! Unable to launch application when terminal server agent is installed

We recently installed the terminal server agent onto our Citrix environment. As soon as I installed it, we had reports that users were unable to launch our VoIP software called Avaya One-X Communicator. It crashes immediately after launching it. As soon as I disable the PAN Terminal Server Agent service users are able to launch it without issue....

kegeorge by L0 Member
  • 5131 Views
  • 3 replies
  • 0 Likes

PCI Compliance - 86476 Web Server Stopped Responding

First time in years, getting this failed result to a PCI scan. 86476 Web Server Stopped Responding. Their tech suggests it has something to do with my PAN WAF/IDS and they have a bunch of IP addresses/ranges that I can whitelist. I find this odd as I've never had to whitelist them before and I've passed many many scans prior to this. How do ...

cenders by L3 Networker
  • 1527 Views
  • 3 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks