This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! Using scripting mode to modify existing security rules

Hi, I was wondering if anybody has experience working with the scripting mode in the way I need.Using the following commands, it is possible to add a single application or service to a rule:set device-group INTERNAL post-rulebase security rules SEC-APP application [ ssl ]set device-group INTERNAL post-rulebase security rules WEB-APP service [...

Resolved! Email subject line is truncated or shortened after upgrade to 9.1.6

As I upgrade firewalls to 9.1.6 (from 8.1.x) I am noticing that the subject line for emails I receive (typically System messages) appears to be intentionally truncated. This is not display issue with outlook. If I open the email the subject line still ends in '...' The problem is I have custom email rules that filter on the subject field and now...

ChrisIsett_0-1619785033940.png

Always-UP IPsec

The ipsec-tunnel comes up only when there is interesting traffic destined to the tunnel or when the tunnel manually initiated.That leads to problems in our monitoring. I'd like to ask if there is a workaround to make the VPN always-up without need to enable tunnel monitoring. Because tunnel-monitoring must verify connectivity to an IP address fr...

aabozaid by L1 Bithead
  • 7031 Views
  • 3 replies
  • 0 Likes

Global Protect not working with Big Sur on PA 820

Hi all, I Use Global Protect version 4.13 on a PA 820 Os 10.0, after updating my Mac to Big Sur i vant connect to the Palo anymore.The strange thing: when i use the same Mac to connect to another Palo in our domein it works.The error: failed to get client configuration. The GP works with other device on my account so i know for sure the connect...

Resolved! Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this tool can improve your security posture. Register here. I’m registered and can’t wait to see ...

jdelio by L7 Applicator
  • 4339 Views
  • 3 replies
  • 1 Likes

Resolved! EDL in vsys environment

Hello, We have a pair of 5250 running PANOS 8.1 with 125 vsys. We want to deploy EDL to block well known attackers. My understand is the EDL has a limit of 150000 entries for IP list. If I create a shared EDL (type IP list) with 10 entieres and create 2 panorama shared security rules for inbound and outbound for all 125 vsys. Is that count as...

VPN socket closed

Hi All, I have a user who connects via a thin client with GP to our network. Actually we have around 50 users, but this one user has many problems. She gets disconnected multiple times a day. She tried multiple connections: her current residence with both wifi and cable, at her parents, both cable and wifi (2 different cities), and mobile data f...

olloczky by L1 Bithead
  • 5677 Views
  • 5 replies
  • 0 Likes

Does it work even if I install different models of PAN-OS?

Currently, we can download the PAN-OS Software Image of the PA-200, 800 and 3200 series from CSP.Does it work even if I install different models of PAN-OS? For example, the case of upgrading by installing PAN-OS 7.0.1 downloaded from PA-200 to PA-3050 with PAN-OS 6.1 installed. please answer about my question. Thank you.

Palo Alto VM No Internet in Browser

Hello,I have PaloAlto on GNS3 i set a policy from inside to outside and i also do the NAT policy Plus the virtual router configuration.from inside i can ping to internet but i cannot browse, is that related to licence or i miss something?Thanks.

Resolved! Decryption Breaks Palo Alto Dynamic Updates

I'm having an issue where my Decryption policy is breaking my Palo Alto Dynamic Updates. When I turn on decryption, and then attempt to download an Antivirus, Applications and Threats, or Wildfire update, I'm given the message "Invalid content image, Failed to download file". When I turn decryption off, the updates work perfectly. This seems...

Resolved! Action on a vulnerabilty found in a SMTP flow

Hello, How to configure the PA firewall to return a SMTP 541 when vulnerability is seen in a SMTP flow ? I have managed to do it with the AV protection but not with the vulnerability protection. Cedric

Cedricd by L1 Bithead
  • 8820 Views
  • 8 replies
  • 0 Likes

Resubmit Host Profile required intermittently to restore connectivity.

Global Protect, running 5.0.8 w/ Mac 10.8.5.Client connects and works fine initially.At intermittent times, a few times a day, the client has to manually Resubmit Host Profile for the HIP rules to re-engage and restore traffic flow.This is obviously a problem as the user doesn't realize this is happening until their traffic fails.This is happeni...

kk555 by L0 Member
  • 5782 Views
  • 1 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks