General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Resolved! Best method to block Instant Messaging

Working for a State Government agency, we are required to keep a record of any official electronic communication. Using public Instant Messaging services creates a problem for us in that we don't have a mechanism for keeping copies of any transactions which are part of a Public Record conversation.In light of this issue we would like to block I...

GP/ LDAP authentication

Hi, I have a test AD/PA setup.AD and LDAP connectivity is okay so far. My problem is that I am unable to authenticate any user against Global Protect.The un/pw are correct.The group are correct too, as far as I can see. This is the output i get when trying to authenticate: SITE1> test authentication authentication-profile AUTHPROFILE usernam...

Resolved! Configuring Palo Firewall into an IDS

Typically the ATP license would be used if we want to have the IPS features on the PA firewall. However, how do we configure the firewall if its meant to function as an IDS?

IPSec intermittent disconnection issue

Hi, Is there a command to check if a tunnel went down on a specific time and why it happened. I have a tunnel set-up to a 3rd party where they keep monitoring some of their servers. They inform me that they receive alarms every hour that the endpoint is down and its not coming back up for about 15 min. I cant see anything obvious. I have done ...

GlobalProtect Authentication SAML plus certificate (backup mode)

I would like to know if it is possible to configure SAML to authenticate and in case something in the SAML part is not working, certificate authentication is used. This is for GP authentication. So SAML + certificate auth (backup option). I understand that i will need a authprofile with SAML auth. But where can i choose the backup auth by cert...

How to stop the output of CUID errors

Attention: JAPAC TPM team Hello I'm Shono Kawaguchi. Please tell me how to stop the output of the following error. high　userid　cuid-conn 0 gRPC connection to identity.services-edge.paloaltonetworks.com:443 is broken, error: Feature is not enabled or device cert isn't available for CUID gRPC connection time: 2025-03-26 02:51:47 As long as...

Resolved! PA VM 10.2.5 EVAL NOT WORKING

I am experiencing the issue with PA VM 10.2.5 EVALU VERSION IS NOT PROCESSION AFTER HDF LOGIN. PLS PROVIDES THE RESOLUTION.

Syslog Custom Format for Splunk

I'm trying to get the firewall to send before and after change detail to splunk. I've tried various formats in Custom Log Format, but any changes I make result in no logs being sent to splunk. What is the correct format for Custom Log Format when using syslog and splunk? I'm running PA OS 8.1

Where can I find more information about pan 279746?

Hello, I have a PA-450, and I would like to know if there's any additional information about this, other than what's provided in the software release notes

Resolved! Applipedia Down?

Hi, Applipedia (https://applipedia.paloaltonetworks.com/) currently seems down - I'm getting "Sorry, an error occurred while processing your request." when visiting. Anyone able to advise when this will be back up, or if this has been moved elsewhere? Thanks.

VPN issues with 3 ISPs

After upgrading to the pa-850 10.2.13-H3 version, problems started occurring in one of the ISPs. There are 3 ISPs, the first two main ones and the third one as a secondary ISP which manages the VPNS. After the upgrade the configuration was maintained and there were no changes (administrative and metric distance), suddenly they started to fail ca...

Resolved! export ike debug to syslog

Hello, We are having an intermittent tunnel issue. We have debug turned on in the ike logs and when I view them on the box I see all the debug logs. However, these rollover pretty fast and if the issue occurs and no one logs in to pull the logs within an hour or so then they are gone. We have set up a syslog server and the palo is sending logs...

Resolved! MFA external provider question

Hello Community, I have always use don-prem solutions for MFA. Currently I am researching using a 3rd party provider, (Duo v2, Okta Adaptive, PingID, and RSA SecurID) . Which one do you use and would you recommend them? I was considering Duo since they have the lowest cost offering. Love to hear your thoughts! Cheers!

Resolved! Applipedia always down

Hi, Why does applipedia go down almost on a daily basis? Is it that difficult to stablise the site?

Unable to set SSL/TLS Service Profile with Panorama

Hello, At a bit of a dead end with a template change. Essentially, I am trying to configure the VMSeries Firewalls SSL/TLS Service Profile under: Device > Setup > Management > General Settings > SSL/TLS Service Profile I have configured the profile and requisite certificates in my template but when I push the changes, the SSL/TLS ...