General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


Join Us for a Tech Deep Dive Miniseries!


Stop Zero-Day Threats in Zero Time with Nebula PAN-OS 10.2.


Join us live for an in-depth look at the latest advancements in cybersecurity, best practices, tips and tricks, demos and
more to protect your business and defend against threats in real


jforsythe by Community Team Member
  • 3 replies

Resolved! Global Protect VPN Device Certificates Expired

Hi Guys,


I'm the first time to renew our GP VPN device certificates. But my certificates just expired today. 

And I checked our old device certificates, it doesn't have the "CA".

When I renew it, do I need to import certificates ".pem" file or "pkcs12"


IPSEC tunnel not working post HA failover

Hello Friends,


We have Palo Alto firewalls (various models like 3050, 5220 and 3220) which are in HA (active-passive mode).  IPSEC tunnels are working fine when traffic is on active gateway. The issue is, when we failover traffic on passive gateway,


Strict IP Address Check after 9.1.12

Customer upgraded to 9.1.12 and after that it was noticed that for some of the zones, traffic was dropped. During debug,it was concluded that reason is Strict IP Address Check in the Zone Protection Profile:

"flow_dos_pf_strictip 1 0 drop flow dos Pac


nikoo by L3 Networker
  • 8 replies

Why Did Strict IP Address Check Break this VPN?

We have been working with TAC to find the cause of this issue where FTP client could no longer upload to external companies FTP server over the VPN tunnel.  After many days, we started a packet filter on the Public Internet (WAN) interface, which is


ms.jzam by L2 Linker
  • 30 replies

Resolved! refresh external dynamic list real time with cli


I need to update in real time the external dynamic list IP. 

Looking for this doc and cli command "find command keyword",didn't see any comma


Resolved! FIPS Failure upon boot

One of devices was not properly shut down due to a power outage in a building.  When the device started back up, it appears that it entered maintenance mode.  The reason is FIPS failure.  I have attempted to reboot the device from maintenance mode an


BryanSG by L0 Member
  • 2 replies

Globalprotect 5.2 Cookie Issue

We just upgraded our GP from 5.1.7 to 5.2.10

We have a gateway with SAML authentication
We have some connections issue with a message "already logged in" from the Identity Provider

I think this is due to the new feature "Default System Browser for


QoS max egress, no effect

Hi there,


I'm playing with QoS in our lab. I have a simple setup with two queue, first for SMB traffic, second for RDP traffic.

The max egress value is set, but when I transfer data, then both queues get bandwith values.


What I am doing wrong here?





PA QoS Monitor.png
PA QoS Profile.png
PA QoS Policies.png
Netzer by L2 Linker
  • 2 replies

User-ID Agent

Dear Team,


Appreciate your support and advice if Windows Server 2022 is officially supported, for running the User-ID agent yet?


As the below article didn't mention the Windows Server 2022.


Top Liked Authors