General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Does Globalprotect application use certificate revocation list (CRL) to check the gateway certficates?

Hello to All,

We have intermitant issues with the HIP report not being send every hour but I also see that there are some intermitant errors about the gateway certificate not being verified, I also see that there are messages in the PanGPS log "Chec

...

Resolved! GP portal error

Restriction of the users on the GP portal page.

We selected a particular group in the allowed list, but authentication was failing unless we select all.

FTP application not able do the Data Transfer. Logs Showing Unknown TCP application with some Random Ports.

We have just created a simple security for ftp services. Application ftp and service port any for ftp service. We can be able to connect the server but on data transferring the connection got timed out. When we just do application and service any. Th

...

User-ID for large scale deployment

Hi,

We have planned to implement user based policy in PA and we have roughly around 5k users across different locations with multiple controller as we have two options,

1. Dedicated windows based user-id agent

2. Palo alto Integrated user-id agent

among

...

Resolved! PaloAlto Bandwidth Report

Hi,

I have an existing web application that I am contemplating moving to the cloud from on-prem. The app currently sits in a DMZ on a Palo 220.

I am trying to determine the costs we would incur if we moved the app to the cloud. I need to get a good

...

Troubleshooting random GlobalProtect disconnects...

Hello. i have been experiencing random GlobalProtect disconnects on my home computer. I'm running Windows 10 [1909] with GlobalProtect 5.0.8 64-bit connecting back to my office's Palo Alto firewall (not 100% sure of the version). A few times a day,

...

App Google Earth

Good morning, I have a problem opening the google earth client to users. For some time it seems that randomly it also needs the google-play application to be open, if you want to have the latter closed to the user there is some way to make an excepti...

PanOS ldap issue

Hi

we are facing some issues on our 3220 fw 9.1.9 (same issue in 9.1.8)

ldap group membership sync is not working anymore

this 3220 Fw is our Lan FW

ldap server profile is correct

we can add correctly group in the user group mapping, AD tree is browsabl

...

Resolved! Replacing a managed old hardware model with a new model

Hi,

I am going to replace my old 3020 9.0 panorama-managed firewalls with a pair of 5200 series FW. During the process I’ll need to change some of its network interfaces configurations with vpn tunnels on the new model. Would you advise to change the

...

Replacing 3020HA to 3220

Getting ready to replace a 3020 HA - Active/Standby to a single 3220.

Looking to see what the best steps to take and if there are any gotchas I should be on the lookout for.

Logic tells me; Make sure both are on the same OS code, export the running-c

...

Resolved! Extract data of all ciphers and protocols that enabled or disabled in palo alto firewalls

how can i Extract data of all ciphers and protocols that enabled or disabled in palo alto firewalls.

And How can i Ensure all weak ciphers and protocols are disabled before exposing an application to the Internet in palo alto firewalls.

Deployment job upload wildfire to <fw> failed. Device msg:'Failed to download panupv2-all-wildfire-564367-567485.

Hi,

We get these error often, 'cannot connect to server'.

There are no network connectivity issues and everytime I test get the following:

Test wildfire Public Cloud

Testing cloud server wildfire.paloaltonetworks.com ...
wildfire registration: successful

...

Resolved! Site-to-Site VPN private subnets cannot ping eachother through the tunnel

I am new to learning Palo Alto Firewalls. I have a couple of PA-8.0.0 virtual machine instances setup on my desktop with internet access through my home network on a Windows 10 host machine, for learning purposes. I configured site-to-site vpn and

...

Resolved! HA peer determined to be Active through managed devices; staying in Passive state

We have received below email alert from Secondary Panorama , what's the meaning of this critical severity event?

actionflags: 0x0
type: SYSTEM
subtype: ha
config_ver: 0
time_generated: 2021/06/04 10:22:37
high_res_timestamp: 2021-06-04T10:22:37.000+05:30
dg

...

Old Palo alto firewall || Demo PaloAlto firewall

Dear Team,

I am a big fan of PaloAlto firewall and i am working PA firewall science lase 4-5years. So i wants to create one Lab in my home and wants to share the free PA training over Youtube, already i have started the training with VM trail license

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Does Globalprotect application use certificate revocation list (CRL) to check the gateway certficates?

Resolved! GP portal error

FTP application not able do the Data Transfer. Logs Showing Unknown TCP application with some Random Ports.

User-ID for large scale deployment

Resolved! PaloAlto Bandwidth Report

Troubleshooting random GlobalProtect disconnects...

App Google Earth

PanOS ldap issue

Resolved! Replacing a managed old hardware model with a new model

Replacing 3020HA to 3220

Resolved! Extract data of all ciphers and protocols that enabled or disabled in palo alto firewalls

Deployment job upload wildfire to <fw> failed. Device msg:'Failed to download panupv2-all-wildfire-564367-567485.

Resolved! Site-to-Site VPN private subnets cannot ping eachother through the tunnel

Resolved! HA peer determined to be Active through managed devices; staying in Passive state

Old Palo alto firewall || Demo PaloAlto firewall

No "certificate used by" field when generating certs for SSL forward trust and untrust?

A question about snat address pool couse a route loop

How do I get the documentation / training for creating advanced XQL queries

panorama disk health

Recommend os version

Re: Exclude only communications on specific port numbers from Global Protect

Re: Software NGFW Credits

Re: Advanced DNS Security vs DNS Security License

Re: Replacing HA Hardware

Re: About API keys when using the curl command

Unlock your full community experience!

Resolved! Does Globalprotect application use certificate revocation list (CRL) to check the gateway certficates?

Resolved! GP portal error

Resolved! PaloAlto Bandwidth Report

Resolved! Replacing a managed old hardware model with a new model

Resolved! Extract data of all ciphers and protocols that enabled or disabled in palo alto firewalls

Resolved! Site-to-Site VPN private subnets cannot ping eachother through the tunnel

Resolved! HA peer determined to be Active through managed devices; staying in Passive state