General Topics

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Unable to register a used PA-500 Firewall

Hey,

I recently bought a PA-500 Firewall on eBay for testing in my Lab. Unfortunately, I can’t register it at Palo Alto Website, because it is already registered. So I can’t get access to resources like Firmware-Upgrades or even get access to a LAB-L

...

Resolved! AE Interface State when Connected to Switch LAG

I'm working on an HA project, but can't get the interfaces to negotiate.

2 x PA-3220 v8.1 2 x Dell N4032F switches latest recommended firmware

The firewalls are setup for active/passive HA and the switches are configured for MLAG and have a LAG se

...

Resolved! Want to upgrade only Panorama to panos 9.0

In PAN OS 9.0 multiple URL category feature is added(high, medium and low risk category).

Is there any issue if we only upgrade panorama to 9.0 and not a managed firewalls ?

We should not face configuration or commit issue as panorama and firewall will

...

Ipsec Tunnel Failover issue

We have a PA-3020 firewall pair that has multiple IPsec tunnels to a VM series pair in AWS. We have 4 IPsec tunnels that we run to the firewalls. They are:

Tunnel A - On Prem to AWS FW1 over Direct Connect
Tunnel B - On Prem to AWS FW2 over Direct Con

...

Resolved! Lock down VPN for certain users

I am fairly new to Palo Alto so please forgive me if this is a simple answer or answered somewhere else.

I have a requirement to lock down our Global protect for our vendors. Here is what I have.

I have group mappings and User-ID mappings set up and wo

...

Resolved! Trunked interfaces spanning multiple interfaces

Hi,

I'm relatively new to Palo Alto firewalls - does anyone know if this is possible? Firewall needs to control traffic between VLAN10/Internet, VLAN20/Internet & between VLAN10/VLAN20.

Thanks in advance.

refresh connection option in GP agent allowing users to disconnect GP

We disallowed users to disable global protect app in Portal > app configuration setting , but still due to refresh connection option user able to disconnect GP and using local internet for browsing.

We don't want to disable GP icon from system tray du

...

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Hello Folks,

I'm trying to set up my Palo Alto to do Policy Based Forwarding.

Does PA do NAT before Policy Based Forwarding???

I've created Policy based forwarding to send traffic to an interface, if it is sourced from an address. 10.0.0.0/24

BUT it'

...

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

I went through the specification and found that minimum required log disk size is 2TB and then can be increased by factor of 2. Is it the strict minimum requirement or can we set up panorama ( Panoroma mode) with log disk lesser than 2TB ( e.g. 700GB...

Workaround for GPC-9415 Issue ID

Hi Team,

Just want to know whether is there any workaround for the mentioned GPC issue ID.

Issue ID : GPC-9415 (For the GUI version of the GlobalProtect app for Linux, SAML authentication with Microsoft Azure does not work on Ubuntu 1804 or greater v

...

Resolved! how to create policy and how to identify which ports are being used on PAN

Hi Guys,

I am new to Palo Alto. I recently joined the firm and they are using any any as policy for internal to Public, Internal to WAN zone. My tasks is to identify the ports which are being used and apply the ACL.

My question to experts is how to f

...

Panorama not receiving logs after rebuilding with new OVA

We had to rebuild Panorama from new OVA file. It is on version 9.0.8 and running on vmware.

Firewalls are all in-sync

This is the disk status on panorama

adm-rajrupindertoor@Panoramanv1> show system disk-space

Filesystem Size Used Avail Use% Mounted on

...

Problem renewing ssl certificates with global protect portal

Hi all,

I have the following problem. We have an ssl certificate (public ca) and this renews end of this month. We use ssl.domain.xx as gateway. Since we have to renew our certificate I ordered Networksolutions certificate and installed this within th

...

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

How are others monitoring their Vmware view / horizon environments for user-id?

I see there is a terminal services agent you can use, (looks like you can only install on windows and citrix) but I haven't found specifics on actually monitoring the vmwa

...

Resolved! Log Collector question

Please explain:

Panorama must be running the same (or later) software release as Log Collectors but must have the same or an earlier content release version:

Software release version
—If your Panorama management server is not already running the same o

...

Discussions

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Unable to register a used PA-500 Firewall

Resolved! AE Interface State when Connected to Switch LAG

Resolved! Want to upgrade only Panorama to panos 9.0

Ipsec Tunnel Failover issue

Resolved! Lock down VPN for certain users

Resolved! Trunked interfaces spanning multiple interfaces

refresh connection option in GP agent allowing users to disconnect GP

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

Workaround for GPC-9415 Issue ID

Resolved! how to create policy and how to identify which ports are being used on PAN

Panorama not receiving logs after rebuilding with new OVA

Problem renewing ssl certificates with global protect portal

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

Resolved! Log Collector question

User-ID agent upgrade path

TYPICAL NAT QUESTIONS

Maximum Pan-os version recommended for PA-820

GlobalProtect expand IP Pool

Upload Panorama License Key via API

Re: List of System OIDs

Re: Issue with PA-1410 platform disk size

Re: Failover IPSEC tunnels with tunnel monitor keeps both tunnels active

Bug Search Tool

Re: Global Protect authentication happened two time while using RADIUS

Unlock your full community experience!

Resolved! AE Interface State when Connected to Switch LAG

Resolved! Want to upgrade only Panorama to panos 9.0

Resolved! Lock down VPN for certain users

Resolved! Trunked interfaces spanning multiple interfaces

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

Resolved! how to create policy and how to identify which ports are being used on PAN

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

Resolved! Log Collector question