General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


New Product mention feature

Hey everyone, We just enabled a feature on the LIVEcommunity that allows for products to be linked inside of discussions or articles.. this helps cross link information throughout the site, especially useful if you are looking for specific informatio...

jdelio by Community Team Member
  • 2 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 43 replies

Resolved! User not in Allow list

Hello, We use SAML authentication profile. with PAN-OS 8.0.13 and GP 4.1.8. Followed the document below but getting error: SAML SSO authentication failed for user. Reason: User is not in allowlist.

Resolved! userid in multiple VSYS environment

Hello, We are using PA cluster in multiple VSYS environment. We would like to be able to configure user / group based policies across all the VSYS by sharing userid mapping table with all the VSYS (the user identification baseline is the same for all...

Resolved! Troubleshooting Application Incomplete with two way TCP traffic

We are having issues with one application while migrating the network from ASA to PAPA is Running 8.0.9 on 3020. Application shows as incomplete with more than 4 packets.We see trasmit and receive in the PA.Nothing in threat logs. As per TAC they say...

MP18 by Cyber Elite
  • 6 replies

Resolved! Phase 1 is down but phase 2 is up- test vpn phase 1 and 2

we have tunnel from PA to vendor which is using Cisco ASA.When there is no interesting traffic tunnel is down by design this part is ok. but today i saw phase 1 as red and phase 2 as green on gui.I did the test vpn ike command and phase 1 was greenbu...

MP18 by Cyber Elite
  • 2 replies

PA-VM not recognizing SSL and denying traffic

Hello, We are implementing SSL Decryption to PA. Because of this forcepoint agent (that is installed on theworkstation), the return traffic from the Internet (ie:, etc) will be denied by the firewall as the SSL certificate has been chang...

Resolved! Error Message in PANGPA logs

Hello, We are using 4.1.0-98. The clients at fault work fine through a tethered mobile, however when connecting to their home WiFi the connection is successful but nothing will work through the VPN. Below is a log snippet. What exactly is going on he...

Critical System Alert

The firewall has flooded the system logs with the following message:Traffic and logging are resumed since traffic-stop-on-logdb-full feature has been disabled. Software Version- 8.0.3-h4Model: PA-3020 Disk space looks fine: Filesystem Size Used Avail...

Incorrect User-ID

Hi all, I'm having an odd issue. I have global protect configured and using Okta (saml) authentication. Now everything is working fine except that a handful of users have the wrong user-id. All users are expected to have their email address as their ...

Resolved! Identical Rules on 2 Firewalls

Hello Is there a way in which I can see which security rules are identical on 2 Palo Alto Firewalls? Probably with Migration Tool or something? BR,RJ

Resolved! PanOS 8.1.5 No SNMP ifInOctets/ifOutOctets

We recently upgraded our firewall to version 8.1.5 and noticed that SNMP data traffic monitoring stopped working. If we get de SNMP values, we receive this informations: IF-MIB::ifIndex.9 = INTEGER: 9 IF-MIB::ifDescr.9 = STRING: ethernet1/4 IF-MIB::i...

Resolved! DNS is changing?

Anybody has hear about it and are PA firewalls effected by it. It seems they are making some changes to its functioning. Does PA application supports the said change? https://dnsflagday.net______________________________ What is happening? The current...

raji_toor by L4 Transporter
  • 3 replies


Hello, I have been playing around with this setup: - user connect to internal network with globalprotect- initiating any connection to internal resources trigger ether a redirect to captive portal for MFA challenge or a global protect popup with the ...

norbhinn by L1 Bithead
  • 2 replies

Resolved! Application changed color in ACC.

Hello, I changed a timeout value on an application and then changed it back to original setting, after this: The application show up in a greenish color (like the support info button color) in ACCThe application lost its category and sub-category. Bo...

norbhinn by L1 Bithead
  • 2 replies
Top Liked Authors