This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4469 Views
  • 0 replies
  • 0 Likes

Decryption Certs

Does anybody know if we support separate Decryption Certs in a multi VSYS environment? I have an MSP who wants to use different Certs from each of their customers. Thanks

Papercut Mobility Print - NG-Firewall - Application

We are moving more and more from Citrix, to working on the laptop. A lot of out users are used to "printing" there documents for the next day, so when comming into the office, they just walk to the printer, present there RFID-tag, and presto. We use Papercut, and in the new setup, users should be able to access our Papercut server on port 9163...

Web sessions getting blocked when session switches user ID mid stream

Let me first preface this by saying I am not our network admin, and I have no access to our Palo Alto devices, but since the teams here that are supposed to be managing them cannot be bothered to look at our issues, I wanted to see if this community might have some ideas I can take back to them. Within our IT department, many IT staff have two u...

User-ID mapping for users logged in to a domain controller

Hi Guys, Does anyone know or have experience on configuring User-ID agent to perform user mappings for users who are currently logged in to a domain controller. The issue I am facing is that anyone logs into a domain controller is not being pickup by User-ID agent, so there is no user mapping for any of our domain controllers. All other servers ...

Why does GlobalProtect VPN client for Windows keep getting worse?

This client used to be fine. Then we upgraded it and some silly Windows notifications kept popping up which were annoying and, more importantly, caused the textboxes to lose focus while you are typing a password/key. Now we're up to v4.0.0-90 and this may be the worst yet. Someone decided to remove the password field completely!I'm not sure what...

Firewall slowness

Hello, I am facing an issue with my firewall. it is very slow in the GUI as well as CLI. if i click any tab in the firewall it is taking too much time to refresh and loading the page. firewall model - PA-500PAN-OS version - 8.1.15 below i check from my side:- pa500> show system disk-spaceFilesystem Size Used Avail Use% Mounted on/dev/sda3 3.8...

Jafar_Hussain_0-1615720242254.png
Jafar_Hussain_1-1615720490389.png

Taking longer time to commit on firewall from secondary panorama

As observed, when primary panorama was active, I have created an Test address object and committed and pushed from panorama. Configuration committed and pushed within 2 to 3 minutes.After making secondary panorama as an active, configuration was committed after longer time period around 12 to 15 minutes.As observed on both primary and secondary ...

What Are The Reasons Why We Still Can't Remove the vWire via Panorama On A New Firewall

Hi guys, What is the reason? A brand new firewall from the factory, we give it a management ip-address and panorama server address, we import the firewall config to Panorama and commit to Panorama. We then change the network and device templates so that we the ethernet1/1 and 1/2 become layer 3. When we try to push this config to the firewall it...

Capture.JPG

number-of-severity in threat log

Hi Community, I am trying to parse the threat log from Palo alto. I can see the 'number-of-severity' in the custom Syslog log format. I am looking for an official document to map these numbers to the severity level.I can see the below,4- indicate high level,3 - indicate medium.Anybody has any official documents on this. Thanks in advance!.

aws Panorama mode cant see the HA available to add to the log collector gr

Two aws Pano's in Panorama mode. Primary(active) Panorama doesn't see the collector that is the Secondary/Passive Panorama as being available to add to the collector group. Drop down is blank. Walk through the same steps on the Secondary/Passive node and it sees its local disk as available to add. Which of course you cant because its the passiv...

API to dynamically register and tag from Panorama to Firewall

I'm finding we can use the api to register IPs to Tags on panorama no problem. I can view that they are registered on Panorama. However, Panorama is not pushing these mappings to the managed firewalls. I'm matching on name and I'm using the dynamic group in a policy on that firewall. What actually kicks panorama to push a registered IP...

Sec101 by L4 Transporter
  • 2588 Views
  • 1 replies
  • 0 Likes

Dynamic user group using HIP log

Hi Team, Just need to check if anybody faced the below issue in PanOS 10.0.xI am trying to create a dynamic user group with HIP log by following settings,1- created one Tag2- Configured log settings for HIP log for build in action tagging the source user with the tag created before3- created a dynamic group with the above tag as match criteria. ...

How does Validate Commit function work in PAN OS 9.0.9?

I'm wondering if the validation process is checking the change against the running config and not taking into account the Interface IP change in the candidate config while doing the validation. I am trying to make a change to both the IP address of the outside interface and the associated default static routeWhen a validate commit I get the foll...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks