General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Download the licenses to PA 3220

What options are there to download the license on a PA3220 replacement of a failed PA 3220 , which cannot connect to the internet, please inform me how to do it thanks

Resolved! Palo Alto Traps Support for SQ1 processor

An error while installing the Palo Alto Traps. The error This installation package is not supported by this processor type, contact your product vendor.

As per Palo alto Traps, Agent will support Intel and AMD processor only and I have Processor Micr

...

Resolved! Deny rules with service application-default

It is not clearly described in documentation and I could not find a complete topic related to it. How does application:any, service:application-default behaves when apply to a “Deny” rule?

Presumably it will block the application if application is de

...

Resolved! Syslog Custom Log Format

If I use a custom log format for syslog does the new custom format replace the existing default format?

So if I want syslog to send before-change-detail and after-change-detail do I have to add every default field to the new custom format so I get de

...

Direct Sinkhole traffic to a specific IP on 80/443

Hi Guys,

Is it possible to direct inbound sinkhole traffic to a custom IP on ports 80/443?

I am trying to see if I am able to redirect traffic hitting our "geolocation block" rule and redirect it to a block page.

Thanks.

Test security policy match cmd from Panorama CLI

Hi All ,

Can we use test security policy match cmd from Panorama ?

i can see option in GUI , but unable to find using CLI .

Thanks

IPsec VPN throughput on 3220

Hi Everyone,

As per PA-3220 datasheet IPsec throughput can be 2.5Gps.

https://www.paloguard.com.au/datasheets/pa-3200-series.pdf

The palo in my environment got 1 Gig interface (internet facing) and multiple ipsec tunnels are configured to communicat

...

BIOS Change Validation

Hi All,

Does anyone know how I can view the BIOS version via CLI without rebooting?

Best,

J

how to create virtual system in gns3

Hello Experts,

I am new to palo alto. I have installed palo alto (8.0.0) in gns3 but there is no option of creating virtual system. May i know how to create ? Also could you please let me know from where can i learn palo alto. Is there any document/we

...

Both firewall become Active in Active Passive setup.

Hi Team,

Can anyone tell that in what situation both firewalls become active in Active- Passive setup of HA?

Thanks in advance!!

Issue with global protect VPN 5.0.8 on MAC machines

Hi Team

We are facing issues with the newer version of global protect client version 5.0.8 on MAC machines. The client once installed, doesn’t ask for credentials & try’s to connect directly to the vpn. Please let us know if there is an know bug rela

...

Firewall PA-220 Replacing default localhost SSL certificate

I created Certificate request, generated SSL certificate to match IP address of my Palo Alto firewall (CN=management IP) and uploaded cert following this guide:

https://www.ssldragon.com/blog/how-to-install-an-ssl-certificate-on-palo-alto-networks/

Th

...

Email notification on Palo alto devices, in case of disk full.

We need help in configuring the Email notification on Palo alto devices, in case of disk full.

Resolved! Query on how to to use filtering or search scope

We are using PA-850.

We are constantly getting alert: Error for user group count exceeds 1000 threshold.

We understand the error is due to hardware limitation of the PA model and it is restricted to 1,000 AD groups.

We would like to know how to use f

...

URL filtering does not work with Firefox

I am applying URL Filtering but I notice that with chronium type browsers it applies the blocking, making tests I see that the filters are not being applied when you surf with Firefox.

You can even enter XXX pages.

What's wrong?

I am bringing user group

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Download the licenses to PA 3220

Resolved! Palo Alto Traps Support for SQ1 processor

Resolved! Deny rules with service application-default

Resolved! Syslog Custom Log Format

Direct Sinkhole traffic to a specific IP on 80/443

Test security policy match cmd from Panorama CLI

IPsec VPN throughput on 3220

BIOS Change Validation

how to create virtual system in gns3

Both firewall become Active in Active Passive setup.

Issue with global protect VPN 5.0.8 on MAC machines

Firewall PA-220 Replacing default localhost SSL certificate

Email notification on Palo alto devices, in case of disk full.

Resolved! Query on how to to use filtering or search scope

URL filtering does not work with Firefox

IPv6 on public interface

Template- Variable CSV greyed out

Can't find the "Republic of Kosovo" in the "Firewall Region Code Legend"

Device - certificate based authentication

Failover IPSEC tunnels with tunnel monitor keeps both tunnels active

Re: Allow all web addresses with .gov and .edu extensions

Re: Wildcard URL for Non-HTTP/HTTPS traffic

Re: Howto delete sub-interace from cli

Re: SSL Inspection issues with GlobalProtect users

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Unlock your full community experience!

Resolved! Download the licenses to PA 3220

Resolved! Palo Alto Traps Support for SQ1 processor

Resolved! Deny rules with service application-default

Resolved! Syslog Custom Log Format

Resolved! Query on how to to use filtering or search scope