This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4466 Views
  • 0 replies
  • 0 Likes

Want to use IPv6 for bi-directional nat for VC.

Hi, Want to use ipv6 for bi-directional natting only for VC. Want to know the procedure on how to configure it. I have tried https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/networking/nat64/configure-nat64-for-ipv6-initiated-communication.htmlthis link but when I commit the configuration it's got failed.

Resolved! Problem acknowledging alarms

I have an issue where I click acknowledge alarm several times, but the firewall refuses to update the status of alarms to acknowledged. Is there some absurdly long undocumented lag? Anyone else have a similar problem?

PA OOB Managment Interface question

How can I get PAN updates via the MGMT Interface if its on an isolated network inside my organization. NOTE: Its not on the internal zone. The route is working as i can see my packets leaving via egress when i ping from the host connected to the MGMT port. I want to avoid using Service route configuration via the external facing interface. Cheers!

supruzer by L0 Member
  • 3002 Views
  • 2 replies
  • 0 Likes

How to control reverse DNS lookup through DNS SecurityLicense

The user was trying to send a mail from internal to external domain but it is blocking by sinkhole because it is showing as malicious traffic, however, we are able to receive from that malicious domain, Can we block reverse mail from an external server to internal using DNS license. In my case, it has received. Eg- User mail is test@abc.com and ...

Resolved! Not able to see new threat ids

I have updated firewall contents to new version. After update also still I am not able to see newly added threat id under vulnerability protections profile under panorama. I can see those ids locally on firewall but not on panorama. Wha could be the issues? Any help would be much appreciated

BK0007 by L2 Linker
  • 4355 Views
  • 4 replies
  • 0 Likes

FTPS connection impossible with AntiVirus, AntiSpyware or vulnerability protection is enabled

I have an FTPS server behind the PA. When I enable either AntiVirus, AntiSpyware or vulnerability protection with default profiles it is impossible to connect to the FTP server over TLS. The below errors are seen. When I disable these protections I'm able to connect. Regards,Han. Command: PASVResponse: 227 Entering Passive Mode (xxx,xxx,xxx,xxx,...

Han.Valk by L2 Linker
  • 7118 Views
  • 8 replies
  • 0 Likes

Resolved! How to prevent my firewall to stop responding to external DNS queries

Hi ,currently if anyone from public network uses the external IP of the firewall as a DNS server and try to send DNS query , my FW is responding to that queries which is high risk .how to stop FW from responding to any DNS queries knowing that the DNS proxy is not configured and our DNS security subscription is expired .

How to submit incorrect app classification?

I'm having some difficulty navigating this site. I want to submit the application "Xbox Music" as streaming music (http://music.xbox.com). Currently it's being classified under "xbox-live" (online gaming).

Maxstr by L3 Networker
  • 4193 Views
  • 3 replies
  • 0 Likes

Registering a PA-850 (won't allow me to register the device)

Hello everyone, My company recently purchased a used PA-850 from an Ebay listing. I have been trying to register the device so I can update the OS Version. However, when we attempt to register the PA-850, the system throws an error saying it is unable to find the serial number. Is this because the device is registered to another account alread...

How to force GlobalProtect user to always connect to portal

Hi Guys, For couple of reasons, recently I started to think - Is there a way to force the users to always connect to the GP portal first and don't use saved gateway config? I have noticed that we have lots of users connecting straight to the GP gateway and haven't been connected to GP Portal for days. I am trying to figure out a way to force the...

Not able to push and commit from the panorama.

Dears,I have added my firewalls in a panorama. but sometimes i am getting the below commit error:- VPN-SSL is not a newly created object. it was there since i added the firewall in the panorama. And the issue occurs intermittently.Panorama version - 9.1.2Firewall version- 9.0.8 your suggestions appreciated.

Jafar_Hussain_0-1608100763099.png

Múltiple Proxy ID PAN - Migration from FG using group address.

Hello guys! I'm on a manual STS VPN homologation from fortigate, and I have address pools declared in the encryption domains, which translates to too many proxy id's for palo alto, is there any way to configure this without having to generate so many proxy id? I know you can't use groups, but can you do something with variables or any ideas? Tha...

Edge Not Displaying Images With Palo Alto Networks Generated Page

Recently our Network guys implemented a Palo Alto firewall and we have started using it to block content. For instance a user tries to go to a gambling website and they get a blocked message that has a couple of images that are hosted on a different IIS based web server but the main page itself is hosted on the Palo Alto.IE and Chrome display th...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks