General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

INFO gave up: minemeld-engine entered FATAL state

Hi,

I am using ubuntu 20.04,

Installed minemeld using docker and using minemeld on web interface.

I am getting this error and the below log:

$ sudo docker logs minemeld
*** Running /etc/rc.local...
*** Booting runit daemon...
*** Runit started as PID 8
minem

...

Resolved! Want to configure two different domain for LDAP Authentication.

Hi Team,

Can we configure two different domain in PA firewall? will it work for global protect authentication?

Resolved! Zone for vpn

Hello ,

We have currently three diffent zones defined .

Zone A vlan 100. For wired users

Zone B vlan 200 for wireless users

Zone V tunnel/ loopback interface for Global protect users.

All the above users mentioned are corp users.

Now customer wants t

...

dns-signature cloud service connection refused / kicked-off vpn

VPN just kicked every off for a couple minutes. I had a dozen logs forwarded to me saying dns-signature cloud service connection refused. Anyone know if that might be the cause? When I was able to reconnect to VPN, the # of sessions was 3-5x norma

...

Resolved! Session moves from ACTIVE to DISCARD in middle of download once zone protection enabled.

Hi Community,

I am seeing the below behaviour in my PA-850 running on 9.1.4. Security policy is allowed for traffic.

Scenario-1, without zone protection in internet zone - Everything works fin

Scenario -2,

Having zone protection with pretty much all opt

...

Resolved! Layer 2 MPLS pseudowire to span HA ports across sites.

Hello,

I'm still learning PA and I'm planning to create a pair in HA Active/Passive mode.

I was planning on connecting HA1A, HA1B and HA2 to a Cisco switch. Each port on a different VLAN. I was then going to trunk this traffic to a Cisco router (ASR9

...

End of life and end of support for PA5050 and M100

Hi All,

I would really appreciate if someone can let me know below details for PA5050 and M100.

1. End of life

2. End of Support

3. Replaced product

Thank you in advanced,

Gayan Samarakoon

Resolved! PA-820 Terrible throughput

Hi All,

I have a PA-820 running 10.0.3. Lately my main connection was a DSL connection that limited me to 12/1 (on a perfect day). However I finally got on to the Starlink Beta, hung the dish and started getting items setup. When I pass any traffic t

...

Trouble routing VXLAN traffic as it enters the outside interface

Hello community,

I am attempting to create a VXLAN over IPSec solution between my PA-3250 and a remote Fortinet FortiGate 61E. I have managed to get things configured correctly on the FortiGate (I think) as I am seeing the traffic entering on the Palo

...

Want to use IPv6 for bi-directional nat for VC.

Hi,

Want to use ipv6 for bi-directional natting only for VC. Want to know the procedure on how to configure it.

I have tried https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/networking/nat64/configure-nat64-for-ipv6-initiated-communication.h

...

Resolved! Problem acknowledging alarms

I have an issue where I click acknowledge alarm several times, but the firewall refuses to update the status of alarms to acknowledged. Is there some absurdly long undocumented lag? Anyone else have a similar problem?

PA OOB Managment Interface question

How can I get PAN updates via the MGMT Interface if its on an isolated network inside my organization. NOTE: Its not on the internal zone. The route is working as i can see my packets leaving via egress when i ping from the host connected to the MGMT

...

How to control reverse DNS lookup through DNS SecurityLicense

The user was trying to send a mail from internal to external domain but it is blocking by sinkhole because it is showing as malicious traffic, however, we are able to receive from that malicious domain, Can we block reverse mail from an external serv

...

Resolved! Not able to see new threat ids

I have updated firewall contents to new version. After update also still I am not able to see newly added threat id under vulnerability protections profile under panorama. I can see those ids locally on firewall but not on panorama.

Wha could be the

...

FTPS connection impossible with AntiVirus, AntiSpyware or vulnerability protection is enabled

I have an FTPS server behind the PA. When I enable either AntiVirus, AntiSpyware or vulnerability protection with default profiles it is impossible to connect to the FTP server over TLS. The below errors are seen. When I disable these protections I'm

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

INFO gave up: minemeld-engine entered FATAL state