This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4248 Views
  • 0 replies
  • 0 Likes

Migrating Palo Alto's

Quick question regarding changing model of Palo Alto's. We're moving from a larger model to a smaller. Is there a guide I could use for this? From what I've gathered so far the two firewalls have to be on the same software version? is that the only pre-requisite? After that we can export config and import it on the new hardware? Much appreciated!

Resolved! IP Pool Assignment

We have deployed a PA-VM into AWS running 10.0.4 and are currently trying to configure Global Protect to secure our developer connections to our AWS environment. We have a Global Protect Gateway deployed and are able to establish a VPN connection. The issue we have is with the IP Pool assignment. Each IP in the pool which is distributed to a GP ...

Resolved! Policy based routing

Hi, Do we need a security policy, once the PBR configured in the firewall? OR FW just forward the packet to the Egress interface and not look for the security policy. Thanks.

ChiragP by L2 Linker
  • 3817 Views
  • 2 replies
  • 0 Likes

Resolved! The 7 byte custom signature minimum

Hello Palo Alto, I am doing a custom combination signature for brute force/Layer 7 HTTP DDOS protection. I am using "http-req-params" to block more than 5 attempts in 10 seconds for a particullar site (https://docs.paloaltonetworks.com/pan-os/u-v/custom-app-id-and-threat-signatures/custom-application-and-threat-signatures/custom-signature-contex...

Resolved! PA-5220 App Update issues

In my environment, we must update our apps manually. One machine allows it to be updated like normal through the device menu, but on other machines when uploading the app file, it just keep showing the progress bar and doesn't go any further. Has anyone had this issue before?

Globalprotect users cert renewal process?

I have 20 GP users that has certificate check as first factor of authentication. The certs are set to expire in a month. If I renew the cert and export it to them on a USB stikc, will that break the connection until the certs are installed? What is the best way to refresh the certs on user machines? Thanks.

URL Filtering reponse page into iframe

I have a situation, where on some page which is allowed in URL Filtering: ex. allowed_site.com I have an iframe with another site which is blocked on URL Filtering: block_site.com. I have configured response page for block action. But when I open allowed_site.com, I don't see my response page into iframe. I see a web browser error page or crashe...

pkopec by L0 Member
  • 2269 Views
  • 1 replies
  • 0 Likes

Resolved! Is Anyone Able to To Set Up Google Authenticator For CSP Access?

This in regards to accessing the Palo Alto Customer Service Portal (CSP). We have enabled 2FA at the system level for CSP access and are using email for 2FA. I am following the directions here for setting up Google Authenticator instead of email for 2FA access. How to Enable Google Authenticator - Knowledge Base - Palo Alto NetworksHowever I a...

Resolved! EDL IP list entry..

Hi Team, We have EDL configured and there are many IP entries in that EDL but now for some reason we have to keep source address in edl as blank. Can you confirm that removing source address will not impact the list of IP entries in that EDL since we want entries to keep using. Thanks,Om

Resolved! MSMQ (TCP1801) - Unknown TCP

Hi guys,I have an issue allowing traffic between different components of the SolarWinds on port TCP/1801 for the application "Microsoft Message Queuing (MSMQ)". The traffic is recognized as unknown-tcp. I tried to identify an application that could match msmq but no success. Since this is Microsoft app, I'm pretty sure I miss something since I c...

BogdanS by L0 Member
  • 3671 Views
  • 1 replies
  • 0 Likes

Resolved! The installed version of PanOS on my pa-3020 is different then the installed version listed on my name configuration snapshot. Is this a bug?

On my pa-3020, we have PanOS 9.1.4 installed, 9.1.4 is shown as the installed version on the PanOS web UI. However, when looking at the name configuration snapshot, the name snapshot says the installed version is 9.1.0.Is this a common error to see a different version installed on the pa-3020 PanOS web UI, and what PanOS says is installed on th...

Resolved! Enabling IPV6 S2S site to site VPN tunnel

Does anyone know how or were I can locate documentation on enabling and adding IPV6 IP into my existing VPN tunnel? I have been looking in Beacon training but I cant find what chapter or training this actually falls under. All I was give from the customer were IPV6 Ips that I have to add to my FW. FW is on 9.1.6. Thanks in advance for the help.

Resolved! Request to Palo Alto to add internal scripting options like Linux/Unix crontab/cronjob etc.

Hello Palo Alto, I have seen many issues where the customer needs to restart the managment server service because of a memory leakage bug and having the option to schedule a command like "debug software restart process management-server" (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaGCAS ) or the web processes ('...

Data Filtering timers and inner workings

Hello, Live Community! I've been using Data Filtering profiles for a while now and they work really well, but it has come to my attention that I don't really know some of the inner workings of it, specially today when someone asked me about it, so... Does DF work with timers? I mean, what's the time range for detecting a data pattern/regex/file ...

CMachado by L2 Linker
  • 3055 Views
  • 1 replies
  • 0 Likes

SolarStorm attack - Share your thoughts

Hi everyone, we know there is a lot of news about the SolarWinds supply chain attack (SolarStorm Attack), and we want to let you know that we are here to help and want to make sure you have all the resources and information you need. We put together a blog sharing all the different ways Palo Alto Networks can help you navigate during this time....

agalindo by L1 Bithead
  • 9540 Views
  • 7 replies
  • 7 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks