This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

google searched blocked

I have an issue that seems to only be affecting one user. They seemingly randomly get the block page when doing a google search. Looking at logs most searches are allowed but then I will see the occasional block-url. I think I have narrowed it down to when chrome is opened the first search fails. Searching after that works ok. If I open a new ch...

Resolved! GlobalProtect - Connecting before pre-logon

Hi Everyone, We are experiencing an issue with some of our Windows 10 laptops where if the user connects before the pre-logon tunnel establishes at the Windows logon screen, then they are presented with a Global Protect error saying 'VPN Connection could not be established' once the desktop loads. I have checked the system logs during this proce...

Geroge by L1 Bithead
  • 11019 Views
  • 7 replies
  • 0 Likes

Resolved! Globalprotect Portal failure

I tried to replicate a Globalprotect portal setup from another site and it fails with the following message: GlobalProtect portal(Kawailoa_Portal) setting is invalid: auth-profile exist(method none), client-cert-profile none(no username).(Module: sslvpn)Commit failed What am I missing?

GIT_Sean by L1 Bithead
  • 11297 Views
  • 7 replies
  • 0 Likes

Resolved! PAN is missing EXPORT function

I was trying to export the config for the first time and found that in Device/Setup/Operations I see no option for Export. Digging in I think the problem may be that admins defined by AD group membership and authenticated via RADIUS appear to not be enabled for XML API export/import. I tried to access using the local admin account. But that fai...

palomed_0-1606158755725.png
palomed_1-1606158829779.png
palomed by L3 Networker
  • 2798 Views
  • 1 replies
  • 0 Likes

Palo Alto and Captive Portal for Kerberos

HI allWe have a Palo Alto deployed in AWS and have a requirement to check for a users AD group before letting them into the network.We cannot use User ID Agent as we are not allowed to set up connections to domain controllers as we have over 10 and the traffic load will be too much at the moment. So only option is to use kerberos to check user g...

Object xpath in PanOS config logs

In the PanOS GUI under Config logs there is column "Full Path", which shows the full xpath of the edited objects. However the "Full Path" is not part of the actual syslog Config message and I also can't find a customer "Full Path" field in the Custom Log format fields. Do you know how can we add it to the syslog messages?

2020-11-18_13-57-39.jpg
batd2 by L4 Transporter
  • 4259 Views
  • 5 replies
  • 0 Likes

want to block IP address.

Dears,I have one internal working website. i want to allow the website by the URL and want to block by the IP address.Example:- website name - https://example.com ip address - 192.168.1.50If any user browse this website https:// example.com should be open and if the user browse this https://192.168.1.50 sho...

PowerBI Desktop Sign In fails with SSL Decryption

We are rolling out SSL Decryption for a group of test users and we run into an issue with PowerBI Desktop.When we try to login in PowerBI Desktop it fails and shows that it cannot setup a trusted SSL/TLS connection for the sign in. I am looking into my decryption logs, but I cannot find any issues with URL's that might have something to do with ...

Resolved! Traffic not matching policies configured with AD groups and users

Hello all, i have problem user based policy .in cli i can see that ip and group mapping is fine . When i configure the policy the users and groups appears in the drop down and so on, but didn't match the traffic .Can you give me some suggestions?Thank you in advance!

stef by L2 Linker
  • 3313 Views
  • 2 replies
  • 0 Likes

Load Versioned Configuration (locked)

Hello, community!I'm trying to export a configuration version from a 3020 and it's not creating new versions whenever I commit a config. Upon checking, I found the last config version says "(locked)" at the end of it. Currently no admins have config or commit locks in place and we have commited many times and no new versions have been created. T...

CMachado_0-1605902002039.png
CMachado by L2 Linker
  • 2415 Views
  • 1 replies
  • 0 Likes

Dynamic Updates Query

Hi Team, one of our Client had app and threat license earlier now the license has been expired.Both the devices is in HA.So one of the device has been Rma Now i have configured but i have getting error of Antivirus mismatch because threat license has been expired so how i can rectify the issue of antivirus mismatch

Demisto Mail Sender Integration

Hello,I am using Demisto community edition and i want to integrate it with "SMTP" in order to be able to send e-mails, but i couldn't and encountred the following error message. "(-1, 'E Fatal error: tls_start_servertls() failed') (85)" So I am asking for help, and thanks very much in advance.Cordialy.

mail error.png
ilyes23i by L0 Member
  • 2135 Views
  • 1 replies
  • 0 Likes

Multi-vsys for 3250

A Virtual Systems license is required to support multiple virtual systems on PA-3200 Series firewalls, and to create more than the base number of virtual systems supported on a platform.PA-3250 support bellow things-Base virtual systems1Max virtual systems*6 Base virtual systems1:- Does it mean it only support vsys1 or we can create one more vsy...

Flood log triggered by DoS Protection could not be sent to syslog server

Problem description :Flood log triggered by DoS Protection could not be sent to syslog server.paloalto deploy: v-wire modePANOS : v4.1.8Settings in paloalto :1. Device -> Server Profiles -> Syslog -> Add a syslog server with port 514 and LOG_USER facility.2. Objects -> Log Forwarding -> Add a syslog forwarding profile, all severit...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks