General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Lock down VPN for certain users

I am fairly new to Palo Alto so please forgive me if this is a simple answer or answered somewhere else.

I have a requirement to lock down our Global protect for our vendors. Here is what I have.

I have group mappings and User-ID mappings set up and wo

...

Resolved! Trunked interfaces spanning multiple interfaces

Hi,

I'm relatively new to Palo Alto firewalls - does anyone know if this is possible? Firewall needs to control traffic between VLAN10/Internet, VLAN20/Internet & between VLAN10/VLAN20.

Thanks in advance.

refresh connection option in GP agent allowing users to disconnect GP

We disallowed users to disable global protect app in Portal > app configuration setting , but still due to refresh connection option user able to disconnect GP and using local internet for browsing.

We don't want to disable GP icon from system tray du

...

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Hello Folks,

I'm trying to set up my Palo Alto to do Policy Based Forwarding.

Does PA do NAT before Policy Based Forwarding???

I've created Policy based forwarding to send traffic to an interface, if it is sourced from an address. 10.0.0.0/24

BUT it'

...

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

I went through the specification and found that minimum required log disk size is 2TB and then can be increased by factor of 2. Is it the strict minimum requirement or can we set up panorama ( Panoroma mode) with log disk lesser than 2TB ( e.g. 700GB...

Workaround for GPC-9415 Issue ID

Hi Team,

Just want to know whether is there any workaround for the mentioned GPC issue ID.

Issue ID : GPC-9415 (For the GUI version of the GlobalProtect app for Linux, SAML authentication with Microsoft Azure does not work on Ubuntu 1804 or greater v

...

Resolved! how to create policy and how to identify which ports are being used on PAN

Hi Guys,

I am new to Palo Alto. I recently joined the firm and they are using any any as policy for internal to Public, Internal to WAN zone. My tasks is to identify the ports which are being used and apply the ACL.

My question to experts is how to f

...

Panorama not receiving logs after rebuilding with new OVA

We had to rebuild Panorama from new OVA file. It is on version 9.0.8 and running on vmware.

Firewalls are all in-sync

This is the disk status on panorama

adm-rajrupindertoor@Panoramanv1> show system disk-space

Filesystem Size Used Avail Use% Mounted on

...

Problem renewing ssl certificates with global protect portal

Hi all,

I have the following problem. We have an ssl certificate (public ca) and this renews end of this month. We use ssl.domain.xx as gateway. Since we have to renew our certificate I ordered Networksolutions certificate and installed this within th

...

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

How are others monitoring their Vmware view / horizon environments for user-id?

I see there is a terminal services agent you can use, (looks like you can only install on windows and citrix) but I haven't found specifics on actually monitoring the vmwa

...

Resolved! Log Collector question

Please explain:

Panorama must be running the same (or later) software release as Log Collectors but must have the same or an earlier content release version:

Software release version
—If your Panorama management server is not already running the same o

...

PA-850 NGFW vs Fortinet 300E

Would you guys agree that the PA-850 is the model equivalent of the Fortinet 300E?

Just doing a bit of research

Resolved! Encyrption domains / proxy ID

Hi,

I am new to setting up VPN tunnels from Palo Alto to a 3rd party firewall and I'm unsure how to setup the proxy IDs for the tunnel config. On the local side I have 9 x /32 addresses and on the remote side there are 7 x /25 subnet addresses. Do I

...

NTP sync to server 0.pool.ntp.org failed

Hello all,

we run an upgrade on our Panorama to 9.0.7.

Since a few days, I'm receiving this warning:

NTP sync to server SERVER failed, authentication type none

Same message for primary and secondary NTP server.

I switched from internal to external NTP

...

Trying to install Global Protect VPN client

Hello All..

I am trying to install the GlobalProtect VPN client on a Windows 10 box and am having difficulties.

The machine already has the Cisco AnyConnect client on it.

The install seems to complete OK, but when I try to connect with the client it nev

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Lock down VPN for certain users

Resolved! Trunked interfaces spanning multiple interfaces

refresh connection option in GP agent allowing users to disconnect GP

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

Workaround for GPC-9415 Issue ID

Resolved! how to create policy and how to identify which ports are being used on PAN

Panorama not receiving logs after rebuilding with new OVA

Problem renewing ssl certificates with global protect portal

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

Resolved! Log Collector question

PA-850 NGFW vs Fortinet 300E

Resolved! Encyrption domains / proxy ID

NTP sync to server 0.pool.ntp.org failed

Trying to install Global Protect VPN client

Upgrade from version 10.2.7-h8 to 10.2.11-h2

IPSec setup with certificate

UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Site flagged as GRAYWARE Please Help!!

HA State is "not sycned" even though Sync Task is completed on Peer (Passive) Gerät)

Re: User ID agent not starting.

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Re: Sofware Upgrade broken? "An active license is required for this feature"

Re: Cannot see Dynamic IP lists

Recommended PAN-OS version

Unlock your full community experience!

Resolved! Lock down VPN for certain users

Resolved! Trunked interfaces spanning multiple interfaces

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

Resolved! how to create policy and how to identify which ports are being used on PAN

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

Resolved! Log Collector question

Resolved! Encyrption domains / proxy ID