This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4225 Views
  • 0 replies
  • 0 Likes

Allow traffic to specified hosts/networks when Enforce GlobalProtect enable

Hi, I want to use the feature Enforce GlobalProtect for Network Access. Outside the company, users must use Global Protect to network access, but when users are on the company site, they should be able to access the local company network. For that I use the parameter "Allow traffic to specified hosts/networks when Enforce GlobalProtect Connecti...

fd9999 by L1 Bithead
  • 3882 Views
  • 4 replies
  • 0 Likes

Resolved! Is it normal behavior Swap : 0k total, 0k used, 0k free, 3751268k cached ?

Hello. Since last week in my monitoring there is an alert of 0% available in swap memory in my 5220 firewall. When I check it by cli the firewall with the command show system resources it shows me the following: KiB Swap: 0 total, 0 free, 0 used. 27097872 avail Mem Swap 0 0 UNKNOWN I would like to know if this is normal behavior, I have already ...

Global Protect Multiple URLS for Internal and External users

Hello team , I have a GP cluster Gateway and Portal . Currently we are using a single URL : vpn.abc.com for both Internal and External users . Now we want to use another URL for External : Partner.abc.com so do we need to create a new Portal and Gateway ? Remember we will still be using the same Public IP address which is for Internal u...

global protect client certificate

Hello Team,We have a global protect portal and gateways running . GP is currently integrated with AD. The certificate on GP is a wildcard signed by an external CA. Currently no certificate check is being made and authentication is purely on basis of AD creds Now the requirement is in addition to credentials a certificate check on client machine ...

Resolved! Whatsapp voice calls are not working thru firewall

Hello Community,I would like to see if anyone had any success with making Whatsapp calls and/or video to work using an internal wifi network.When I try to make a call with my cell phone, I will see "ringing..." and hear the phone ringing. The receiving side will pick up, but my side will still just see "ringing." After about 10 seconds, the ca...

Globalprotect in A-A

Hi, I have some question.If I have configure Active-Active HA and two GP portals with PA-3260.e.g. fw1's portal : 111.111.111.111fw2's portal : 222.222.222.222(limitation of SSL VPN concurrent user from PA3260: 2048 ssl-tunnels)When fw1,2 are in operation, can fw support about 2,000 user per one portal? Or do they share the number of tunnels?Sp...

gksnl11 by L0 Member
  • 2149 Views
  • 1 replies
  • 0 Likes

GlobalProtect VPN Client Welcome Page

Hello, We had the welcome page for GlobalProtect VPN Client enabled at one point. We recently disabled it but the welcome page still displays upon connect. Has anyone else run into this and found a way to permanently turn off the welcome page?

Upgraded to GP client 5.2 Driver error

I installed GP client 5.2.1 for Win 64bit and received an error about a digitally signed driver... it reverted back to the previous version 5.1.1.. did I miss something. Download the MSI from the Support site.

BurnseyBoy_0-1598481781255.png

Resolved! SSL decryption enabled and Packet Descriptor

Did SSL decryption on PA 5220 running 8.1.9. When i run below command show running resource-monitor hour last 3Resource monitoring sampling data (per hour):CPU load (%) during last 3 hours:core 0 1 2 3 4 5 6 7avg max avg max avg max avg max avg max avg max avg max avg max* * 37 71 33 70 32 87 34 70 34 70 35 70 32 70* * 35 58 32 49 30 50 32 51 3...

MP18 by Cyber Elite
  • 5040 Views
  • 4 replies
  • 0 Likes

*Urgent* TCP out of order.

Hi team, My customer is facing the TCP out of order in pcaps while accessing SMB application. He implemented the Zone protection in LAN zone which has Asymmetric path set as global, I changed it to bypass... Will this resolve the issue...?? why TCP out of order is happening..?? .

Regarding URL Filtering

Hello Everyone, I am little confused in creating URL filtering policy rule. Does allowing certain url category in the policy block everything else? For example in a policy from inside to outside i created and allowed url category online storage and backup with service application default and application any. With this policy i can't access anyth...

Pearson VUE - endless frustration with the most horrible company on Earth!!

I sat multiple exams from multiple vendors during the last 2 months and one of them was Palo Alto. All of the exams were the so called "online proctored exams" which are served by the super ridiculous OnVUE platform written by script kiddies during a high-school recess. You can login no earlier than 15 mins prior the exam during which you need t...

TheGrave by L0 Member
  • 8329 Views
  • 2 replies
  • 1 Likes

Reliability of "name-of-threatid" in threat log searches

When using the "name-of-threatid" to search threat logs I am getting very inconsistent results. Some signatures are returning properly, while others return blank results - even when I build the search syntax dynamically by clicking on the alerts in the results pane i.e. perform an unfiltered search, click on an alert name so it adds it to the se...

apackard by L4 Transporter
  • 4070 Views
  • 1 replies
  • 0 Likes

wildfire submission issue

There are certain files which were sent to wildfire for multiple times and every time we have received verdict as malicious.The same file (i have verified the file hash available in wildfire cloud) is submitting multiple times even after the verdict is malicious from old wildfire submission but it's not block. As iam running 9.0.5 PAN-OS version...

11111.png

Resolved! PAN-OS BGP

Hi, I'm familiar with BGP in general, but not so much on the Palo Alto platform. I'm peering with a service provider, but I don't see a default route being advertised toward us. The default route in the routing table is learned from an OSPF neighbour (which is the expected behaviour of course). I'm trying to find out how to see the routes that w...

Luke_R by L2 Linker
  • 3122 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks