This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Resolved! A question about ECMP

Hi, I saw a function named ecmp on palo alto NGFW, I think that it can make outbound traffic load balance on two or more physics line or logic line. And I also saw there was a inbound interface information in the session table of firewall. So I want to know if there are two out line on the firewall and connect to outside network named por...

Resolved! SNMPv3 read-only permission

hello all, i'm trying to create snmpv3 user account with read-only permission but when i went through the option on GUI there was nothing about specifying the permission whether it's read-only or read & write. i would really appreciate the help.

How can I search a particular source&destination address in lots of security policys?

Dear all: I have a question about search security policys. We have lots of security policys on our pa ngfw. some of them use a address group as a source& destination condition, some are not. The content of address-group may be a range or a subnet, but now I want to search security policys that relate a pariticular address, this add...

Question regarding Signal messaging application

Currently have a PA-440 at home and trying to setup Signal messaging application. I know the application is cert-pinned and therefore cannot be decrypted. To get it to work, I added to the SSL Exclusion Decryption list the following hosts/domains per the Signal website: https://support.signal.org/hc/en-us/articles/360007320291-Firewall-and-Int...

How to onboard passive PA440 firewall to Panorama using dataplane interface

I need assistance integrating Palo Alto firewalls in an Active/Passive HA setup with Panorama. Below is an overview of the setup: At customer sites, we have Palo Alto firewalls configured in Active/Passive HA mode, and they are currently managed locally. We are now planning to integrate them with Panorama, which is hosted in the AWS cloud. An ...

Ramesh by L0 Member
  • 1390 Views
  • 3 replies
  • 0 Likes

CONFIG logs and syslog

Hi there, we're shipping our logs to a centralized syslog instance. That works great for all types of logs from the PA with the exceptions of the CONFIG logs.The CONFIG logs are submitted at all, with the problem that the interesting parts "before-change-detail" and "after-change-detail" are not delivered.Does anyone else ship CONFIG logs and if...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Resolved! PublicCloud Server certificate validation failed

Hi community, I have an issue where system log shows severity high for an event: tls-X509-validation-failed and the description: Palo Alto PublicCloud Server certificate validation failed Dest Addr: sg.wildfire.paloaltonetworks.com Reason: unable to get local issuer certificate Palo Alto PublicCloud Server certificate validation faile...

Nesicito desistalar

Hola, trabajé con una empresa telefónica que me instaló el programa Cortex. Ahora que ya no trabajo con ellos, quiero desinstalarlo, pero no encuentro la forma y no puedo contactar a la empresa. El programa está afectando el funcionamiento de mi PC. ¿Hay alguna manera de desinstalarlo sin la contraseña? Necesito ayuda para solucionar este problema.

Paul.00 by L0 Member
  • 561 Views
  • 1 replies
  • 0 Likes

Block YouTube in general, but allow videos from specific YouTube channels?

We have YouTube blocked in our organization and allow access for individuals to it (the entire service) based on business need and director approval via User-ID and membership in a specific AD group. Now one arm of our organization (that has access to YouTube, of course) has decided that it is a good idea to create a YouTube channel and has aske...

Backup Internet with Ipsec VPN doing BGP

Hello,Mostly just need a sanity check on this configuration.I am setting up a backup internet for one of our hub sites as a failover. Currently the connection to the other primary sites is via a IPsec tunnel using iBGP to pass routes between the "Hub" sites as well as redist into OSPF for internal traffic and routing to spokes.The External VR ha...

Result: Failed to validate server certificate for endpoint api.paloaltonetworks.com

issue1:I am having issues with getting Panorama and firewalls connected up to datalake. I opened a case and i am told it can't connect to api.paloaltonetworks.com. I have pcap that says otherwise. There is no ssl decryption in between. Its frustrating when you spend serious amount of money on this storage and it doesn't work.issue2:I am have a h...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks