This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Resolved! blocking machines from AD-group

Is it possible to block outgoing traffic, from an active-directory group containing machines?blocking traffic by username works fine, but i want to use the machine ad group rather than entering all machines by fqdn or ip in an address group of objects on my pa.i'm using a pa-3020 on pan-os 5.0.1thanks

skemena by L1 Bithead
  • 5388 Views
  • 5 replies
  • 0 Likes

Resolved! Creating static routes in CLI versus GUI

I have noticed that if a create a static route via the cli the xml configuration is less than if you create the static route via the GUI. In the cli I can simply set the destination and next hop. In the GUI there are many other options (most I never use) such as path monitor, BFD, metric and so on. I essentially take the defaults. In the GUI bot...

Resolved! Azure HA same resource group ?

This doc says both VM's have to be in same resource group, but portal doesn't allow me to deploy another VM in same resource group, where i have already deployed a VM. https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/configure-activepassive-ha-for-vm-series-firewall-on-azure.html

raji_toor by L4 Transporter
  • 3641 Views
  • 1 replies
  • 0 Likes

Blocking certain Facebook features while allow others with PAN version 8.1.17

I am trying to block certain Facebook features while allowing others. For example: Facebook – block - chat, file-share, post, video, voice However, after implementing it on the PAN, I can still do this with Facebook: I could post, like and upload pictures. Chat doesn’t work at all, though I can see the page. Is this normal? Is the application...

dtran by L4 Transporter
  • 10038 Views
  • 11 replies
  • 0 Likes

Resolved! GlobalProtect iPad VPN App

We have many users getting a pop up readingThe Network connection is unreliable and GlobalProtect reconnected using an alternate method. You may experience slowness when accessing the internet or business applications. Anyone seen this and what maybe causing it? We have never had any issues with GP VPN on any devices for years now/ or since usin...

Renew firewall CA certificate and distribute with GPO

We have created on the firewall a Root CA which also signs the SSL Forward Trust certificate.The firewall Root CA certificate has been deployed with GPO to all our devices there Trusted Root Certificate Authorities.The root ca certificate on the firewall will almost expire and needs to be renewed, but what is the procedure?Select the certificate...

ZEBIT by L3 Networker
  • 2928 Views
  • 2 replies
  • 0 Likes

TAXII feed for SIEM

Hi, I have tried minemeld with few miners and output to the inbounfeedhc i.e. PAN EBL/DBL. It is worked as expected. I would like to push the data to SIEM so that i can perform log analysis based on the indicators. How can i use taxii? I have configured ET.compromisedIP and Dshield miners to send data to new aggregator with output to stllib.fe...

Sly_Cooper by L4 Transporter
  • 45716 Views
  • 53 replies
  • 1 Likes

Resolved! Wetransfer download site we.tl not seen as Wetransfer application

I have created a rule which allow the wetransfer (download and upload) application.But when a user receive an email to download a file the url is we.tl/random numbers.When the user clicks it the firewall doesn't see it as the application wetransfer-download but as category online storage and backup.Is this a bug in the Pan-OS and how can we solv...

ZEBIT by L3 Networker
  • 24791 Views
  • 9 replies
  • 0 Likes

Integrate AlientVault feeds into minemeld

I have been trying to add the alienvault otx feeds to minemeld and followed the steps mentioned in:https://live.paloaltonetworks.com/t5/MineMeld-Discussions/AlienVault-taxii-miner-versus-prebuilt-reputation-data-miner/td-p/157037 However, I get this error while polling:<urlopen error [Errno 1]_ssl.c:510: error:14077410:SSL routines:SSL23_GET_...

prateekj by L0 Member
  • 4146 Views
  • 2 replies
  • 0 Likes

Resolved! Twistlock Jenkins Plugin

Hello -I have Jenkins v2.291 installed. I'm trying to find the twistlock-jenkins-plugin. It installed on our old version of Jenkins. Can anyone point to a location I can download it from. From there I'll try manually installing it.Thanks.

johnca00 by L0 Member
  • 3248 Views
  • 1 replies
  • 0 Likes

Traffic diversion

Hello We have a customer who are running some oracle application in cloud . We have built a site to site vpn between our on prem PA 3200 towards the cloud . Traffic is flowing over this tunnel to and fro Now we have another company called company B and they also want to access our resources in oracle cloud . What could be solution ? do i have ...

SSL Decryption blocking the Google Drive Desktop

Good afternoon, We recently enabled SSL Decryption on our FW and seem to have broken our Google Drive Desktop. We can access Google Drive via web, but just can't access it via the Google Desktop file stream. Anyone experiencing this?

Resolved! No valid URL filtering license warnings on firewalls that are not supposed to have the license

I have several firewalls which use URL filtering and are licensed for it, and several that do not. In Panorama, all the firewalls that do not use it constantly have the Warning: If I click in to the details I see: . Warning: No valid threat content package exists. Warning: No valid Antivirus content package exists. vsys1. Warning: in vsys1, 3 w...

commit warning (2).png
Rich.H by L2 Linker
  • 7715 Views
  • 2 replies
  • 0 Likes

Resolved! Teams Traffic issue

Hello , for one of our customer , they are facing slowness issue with MS teams . they identified issue with the ISP provider link There is a Single Palo Alto gateway . The external interface is connected to a Switch ( L2) and the switch is further connected to Internet Router Now customer is planning to buy another ISP link ( high speed) . Re...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks