General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 192 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 874 Views
  • 0 replies
  • 0 Likes

Global Protect Enforcing VPN

Hello, 

I need to enforce VPN so users will not be able to access Internet unless tunnel is establish or wired corporate network is connected. Users should also be required to supply credentials and MFA every time the tunnel is built when accessing fr

...

SSL inspection decrypt error from some client

Hello to all,

 

We have a linux website that we made working with inbound ssl inspection by disabling curve25519 / x25519.

Some clients report errors ( always showing as decrypt errors on the monitoring) accessing the site: by taking a networrk trace on

...

Adding multiple client certificate in Linux GP agent

Hi Community,

 

I have a requirement to add multiple client certificate into Linux GP config. Usually, whe we put 'globalprotect import-certificate --location <cert_location>', the existing client cert will be overridden with the new one and it will be

...

Resolved! TLS 1.3 Downgrade Detected error - PAN-OS 9.0.9

Hello Everyone,

I am running PAN-OS 9.0.9 on my PA-3020. When enabling SSL forward proxy and try to access google.com, I get the tls13_downgradedetected error on chrome. I get the same problem even when using other browsers but different error descrip

...

Resolved! Shadow Rule Warning

Hi,

 

Recently I upgrades my firewall from PANOS 8.0.10 to 8.0.17.  The upgrade went fine.  However, after making a small configuration change (adding a new address object), my commit showed a Shadow Rule warning.  

 

The warning is associated with a rul

...

Palo Alto Virtual Firewall

Dear Friend,

 

Can you anybody advice me on palo alto multi vsys capability issues and currently contests of this technology? If one virtual instance compromise how we can make sure it not impact to other vsys ? How multi vsys behaviour on privileged e

...

Filter out whatsapp video only from PA220

Hi, 

 

Is it possible to Filter out whatsapp video only from PA220, or of there is a workaround solution to allow only Text and Images on a PA220 
We have business need to use whatsapp text and Images only 

 

Thank you 

Resolved! Region-to-IP mappings

We have noticed wrong region mappings for ABC 3G public range that is detected on Palo Alto as Armenia country.

Please advise on how to update/fix the mappings dynamically through updates.

 

 

Although IP belongs to Iraq on public databases

Content update

...

Mohammed_Yasin_0-1594044009119.png
Public.jpg
GEO.jpg
Update.jpg

Resolved! ipsec question

Hi

 

So i have my public interface ae1.10

I attached a ikev2 interface to that and attach it to tunnel.50

 

no the other side of the ipsec tunnel are providing 192.168.10.0/24 and I am providing 192.168.250.0/24

 

do I have to place a static route in the v_

...

  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels