General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1246 Views
  • 0 replies
  • 0 Likes

How to Renew Certificates for GlobalProtect Devices

 

Hi all,

 

I want to renew the expiration date of the certificates for my globalprotect devices. The firewall is the CA that issued the certificates.

 

My question is whether I have to export and import the certificates after renewing them by follow

...

Carracido by L3 Networker
  • 27853 Views
  • 7 replies
  • 2 Likes

Palo Alto appliance SSL-VPN throughput

Hi all,

 

I searched all the documents available for Palo 5220 (performance datasheet, PANOS admin guide etc) but i cannot seem to find anywhere specified the SSL-VPN throughput...only the maximum number of SSL-VPN tunnels. Is there anyway or maybe a d

...

livliv by L0 Member
  • 3264 Views
  • 1 replies
  • 0 Likes

Resolved! Cannot install Machine Certificate for GP Pre-logon

I encountered a problem installing the machine certificate.

I followed the article below:
https://live.paloaltonetworks.com/t5/news/globalprotect-pre-logon-authentication/ta-p/322237
 
We are using a self-signed root ca that is in the cert profile for au
...

ERROR.png
CERT.jpg

Connect 2 Aruba Controllers to PA-220

We have two Aruba wireless controllers in a master / secondary configuration.  Each one has a trunk port which contains about a dozen VLANs with our guest wireless traffic.  The VLANs are arbitrarily assigned to the trunk ports by the controllers and

...

radius user group

Hello!

 

I'm studying the PCNSA, may I ask you a question about a security policy?

The "it" group in that policy could be a Radius group imported on the FW?

Or could be a way to map users to group?

 

 

 

PS:

it would be very useful if Palo Alto offered a free

...

group palo alto.png

Resolved! Query on clientless VPN

We are told that the clientless apps only works with HTTP/HTTPS based apps, and therefore we cannot use it to allow MS remote desktop.

 

This is the problem I am trying to solve. Our users currently use their own computers at  home. They connect to the

...

NEED TO CREATE NEW VYSYS ON FIREWALL MANAGED BY PANORAMA

Hi Team,

 

I am planning to create new vysys on firewall which already managed by panorama.

 

In this case if i enable it from panorama and push the configurations to local firewall will create automatic device group and templet will be crated are do i n

...

saifulla by L0 Member
  • 2334 Views
  • 1 replies
  • 0 Likes

Resolved! Dynamic user group using HIP log tagging

Hi Team,

 

I am trying to create a Dynamic user group using Log settings for HIP logs by the following procedure,


1- created one Tag
2- Configured log settings for HIP log for build in action tagging the source user with the tag created before
3- created

...

NAT question

Hello all,

we have configuration with dual ISP.

From the 1st provider we get public IP directly on the PA

2nd provider is with nat, i mean on PA we have private IP.

 

When the route goes through the 1st one everything works fine. 

When we switch to the 2nd

...

stef by L2 Linker
  • 3921 Views
  • 5 replies
  • 0 Likes

GlobalProtect VPN Client Mac OSX Secure Input

I've got a user that uses keyboard maestro (an application) to run macros for software development. The issue is that keyboard maestro requires secure input (Mac OSX feature) to be disabled to be able to run. GlobalProtect since it starts as a servic

...

  • 24175 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels