General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


New Product mention feature

Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...

jdelio by Community Team Member
  • 2 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 43 replies

Resolved! email attachment

Hi community, can anyone clear my following doubts.I have a mail server behind my PA, i am not doing ssl for mailserver communications.i have antivirus & wildfire profiles applied for inbound and outbound connections to this mail server.what if i get...

Learning center doesn´t work

Good Morning, I´m training in PaloAlto 8 Essential and today page doesn´t work. I Attach the error Server Error in Application. The specified network name is no longer available Please could you help me? Thanks.

E418949 by L0 Member
  • 1 replies

I can't decryption some web-site

Hi Expert , I was found an issue about after that applied decryption policy such as just facebook site but when access facebook occurs htps site restriction I don't have license URL and threat prevention Kindly please suggest to me.

Route daemon configuration load phase-1 aborted

Hello, I am getting "Route daemon configuration load phase-1 aborted" alarms under type-'Routing' , severity as 'Informational' and event as 'routed-config-p1-abort'. Why we have these alarms and what they're indicating? could someone provide details...

LCAP down on Passive Firewal

Hello team, In an HA environment, with pre-negotiation for LCAP disabled , but passive link state set to "Auto" in the HA configuration, if all physical interfaces show as up, is the AE (Aggregated Interface) supposed to be up or down, as the partner...

Browsing Quota Time ?

I am coming from Forcepoint from a proxy perspective. My questions is, does the Palo Alto support user browsing policies, and user quota times ? I am looking to have some block list and white list created. I am also wanting to give certain users limi...

Resolved! Commit error in HA

Hello, We are using PA-VM with PAN-OS 8.1.6. When trying to enable the Heartbeat and HA1 backup, we cannot commit as it failed with this error. How to fix this issue?


Security Profiles on Deny Rules

What is the best practice for adding security profiles to deny rules? I like to add the URL profile to deny rules so I can see what URLs are being denied. Who else adds security profiles to the deny rules and what benefit do you get? Has anyone had a...

Cisco ASA and Palo Alto 820 with multiple Proxy-ID

Trying to replace a site to site VPN Cisco ASA firewall with Palo Alto PA-850. Cisco ASA on this side has multiple ACLs configured which is equivalent to Proxy-IDs. It is configued with IKEv1, policy based, no IKEv2. I do not have access to the firew...

Resolved! session_end_reason eq decrypt-error - 8.0.9

Attempting to decrypt inbound ssl traffic to our federation server. I have been unsuccessful and getting decrpyt error. We have been decrpyting other public servers in the same manner with individual certs succesfully for the past couple years. I hav...

clewis1 by L2 Linker
  • 14 replies

Firewall Throughput

We have a PA3050 in a very simple setup.1 outside interface and 2 inside interfaces (aggregated). A few times a week our clients complain about performance. During this time the firewall is generating 1Gb throughput (flat-line). However, the throughp...

Sjoerd by L2 Linker
  • 2 replies


Hi Community, I am running PA local user-id agent in PAN os 8.1.3i am facing an issue that my server monitoring is shows as 'not-connected', i am able to test the authentication and proper service account is configured. it was working fine for long t...

Resolved! Server with public IP behind the firewall without Natting

We need to have a 1 server behind the firewall with public ip address.We do not want private ip on the server. Firewall - outside zoneServer is behind the DMZ_Zone. Currently DMZ has sub interface with private ip address so when traffic comes from in...

MP18 by Cyber Elite
  • 3 replies
Top Liked Authors