General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Global Protect Implementation

What's the best way to implement Global Protect in my home network so that I can access it from the outside?

Zone Protection - Reconnaissance

Hi,

Are there any best practice settings for the reconnaissance portion of the zone protection profile.

I see the default has the below. Is it recommended to leave as defaults or does someone have a better recommendation?

TCP Port scan 100 events wi

...

Resolved! GlobalProtect Gateway is not licensed

Hi,

I'm working on home lab and tried to configure clienetless global protect eveything went well expect when i authentate the user i got this message " GlobalProtect Gateway is not licensed. Contact system administrator. ", however during my reading

...

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Hello All,

It appears that the large list of IPs and domains to completely enable split-tunneling with GP for O365 & Microsoft Teams requires the GP license to facilitate defining domain names in addition to IP networks (which I understand works with

...

Resolved! Releases date 9.1.1

Hello,

Can someone said me the release date for PAN-OS 9.1.1?

Regards,

Can URL Profiles be used if there is No URL Filtering License?

Can i use URL filtering using custom URL categorys if i do not have a URL filtering license.?

when i try i get the following warning message.

No valid URL filtering license,

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Hello community,

I´m sharing with you this doubt you maybe can help me with:

I´m only interested in having the group-user mappings and not ip-user mappings. Is this possible?

Furthermore, is it possible to retrieve group-user mappings without having

...

Can't connect firewall to network

I'm trying to setup a PA-220 for the first time. I'm able to access the fw via the web interface when I directly connect my laptop to the mgmt port.

I'm stuck on Step 11 (https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/inte

...

Unable to disconnect Global Protect in Linux machine

Hi Team,

I have configured GP using "On demand" method when I tried to disconnect GP by ran the command (

user@linuxhost:~$globalprotect disconnect ) getting below error,

sweekrit@sweekrit-HP-240-G6-Notebook-PC:~$ globalprotect show --error
Unable to e

...

Resolved! Names instead for IP address on routing table

Hi there,

We have a PA with two Virtual Routers, Internal VR and DMZ-Internet VR. When I type show routing fib virtual-router "Internal VR" for example the forwarding table shows a name for next hop and interface, see the output below:

show routing f

...

"Disconnect on ideal" not working - Global protect

We have set Disconnect on ideal for 20 min and we have tried to log off from the PC and login after 20 mins and GP is still connected,what could be the issue.

Inactivity logout seems to work after 2 hours

Palo version 8.1.13

GP- 5.1.1

which answer is right?

A company needs to preconfigure firewalls to be sent to remote sites with the least amount
of reconfiguration. Once deployed, each firewall must establish secure tunnels back to multiple regional data centers to include the future regional data center

...

GP VPN having some issue with Okta authentication

Does anyone else having below issue with the Okta CDN? Screenshot has been attached for reference.

authentication sequence with LDAP and SAML

Hi Community,

I have a requirement to have client authentication in globalprotect portal/gateway to have with LDAP first then another profile wich is SAML based. the requirement is to authenticate with SAML profile if LDAP auth fails. But as SAML pro

...

Resolved! How to check/find persistent sessions

How can we check from CLI sessions that have been running for hours or days.

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Global Protect Implementation

Zone Protection - Reconnaissance

Resolved! GlobalProtect Gateway is not licensed

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Resolved! Releases date 9.1.1

Can URL Profiles be used if there is No URL Filtering License?

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Can't connect firewall to network

Unable to disconnect Global Protect in Linux machine

Resolved! Names instead for IP address on routing table

"Disconnect on ideal" not working - Global protect

which answer is right?

GP VPN having some issue with Okta authentication

authentication sequence with LDAP and SAML

Resolved! How to check/find persistent sessions

SSO Activation

OSPF route suppression

SSO Activation

No valid AceMlc2 config: SC 1 (AceMlc2): Config not valid

How to request a URL filtering change to High-Risk?

Re: New periodic alert: Configuration size 19MB is above 80% of the maximum recommended configuration size 23MB for the platform.

Support Portal is down.

Re: sorting question

Re: How to add palo to multiple device groups

Error while logging into PaloAlto Support Website

Unlock your full community experience!

Resolved! GlobalProtect Gateway is not licensed

Resolved! Releases date 9.1.1

Resolved! User-ID: Is possible to retrieve groups without sever monitoring?

Resolved! Names instead for IP address on routing table

Resolved! How to check/find persistent sessions