This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4125 Views
  • 0 replies
  • 0 Likes

How to block skype ?

I have tried https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClKTCA0https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClQWCA0but still send/receive message via skype I don't implement ssl decryption PA-850Software Version:9.1.3-h1Applocation:8300-6225(07/31/20) Tks

How to send traffic for email logs to port 587

HI Everyone, I have configured email profile to send system logs of firewall. I have configured the smtp server and my SMTP server is listening in port 587 but the firewall is sending traffic to the destination SMTP server using port 25. Can anyone let me know how to make the firewall to send the traffic to destination server on port 587? Regard...

Problem with Macos 10.15.5 with no HIP report

Hello, I'm facing a strange case with a Macos device running under 10.15.5, with Global Protect 5.0.9 installed.On the client side, there is no information displayed in the Host Profile tab.The client logs show no particular problem, and the HIP report can be found in PanGPA.log file. Obviously, the traffic from this client would fail HIP checks...

cnamurdc by L1 Bithead
  • 2686 Views
  • 1 replies
  • 0 Likes

GP Issue with LDAP timeouts

Hello Folks , We are having an issue with LDAP auth . We have two servers in LDAP profile 10.1.1.410.1.1.26 The timeout settings areBind timeout 30 secondsSearch timeout 30 secondsRetry 60 seconds The GP timeout is 80 seconds The behaviour is quite random . Most of the time the auth fails to 10.1.1.4 but it never goes to next server but some tim...

Resolved! Error when starting GlobalProtech

After installing Globalprotect the following error show. "The application was unable to start correctly (0x00007b0.I'm trying to install this on Windows 10 Enterprise. My login to this laptop has local admin rights so I don't think that is the issue. I have also tried uninstalling the program and trying the install again with virus protection ...

susdtech by L1 Bithead
  • 8089 Views
  • 7 replies
  • 0 Likes

Resolved! Certificate import via CLI on Panorama to a specific Template Location

All, I haven't opened a TAC case yet, but I am seeing an issue importing a certificate to Panorama 8.1.14-h5 via Chrome browser. We are seeing this issue on the PAN-OS fireawlls as well. I know how to (and it works) to import via CLI. However I dont see a place we can do that via CLI to a specific Template location in Panorama. Any ideas?? Mayb...

Unexpected behaviour in security policy

I have one server belongs from the DMZ zone.Example:-server ip- 2.2.2.2source ip for VPN user - 1.1.1.1VPN zoneDMZ zoneThere is 2 scenerio:-policy(1) - I have created a policy like:-sourcezone- VPNzonesource ip - 1.1.1.1destination zone - DMZ zonedestination IP - Create an address object for 2.2.2.2.Application - ANYservices - ANYAction - Allown...

Failed to add imported nodes into Panorama

Hey Team, I thought I would share my experiences with adding firewalls into Panorama and receiving the error message in the subject. The scenario is a HA pair with multi-vsys compatibility enabled - and 5 virtual systems. In all cases, adding the Primary/Active firewall to Panorama works perfectly fine; the issue lies with adding the Secondary/P...

New AppID Category

I work for a K12 School district, and like many K12 school districts we are preparing for online testing for state proficiency testing.We have also used online testing for AP testing, vocational testing, etc...Online testing is one of the high priority items for all the K12 schools in our state, and I know that other states are in the same boat....

Resolved! Panorama device management via loopback

I have remote PA firewalls deployed with IPSec tunnels back to our data center firewalls. The remote management interface is not used; I created a loopback and configured all service route items to use the loopback. However, in Panorama Managed Device Summary, it still shows the remote management interface IP (which is not connected to anything)...

Resolved! About NAT in dual ISP

Hi fellow panw admin 🙂 Need some clarity before i plan to setup my firewall, i have pretty big network. Right now the load sharing and nat handled by some appliance above firewall, no nat in firewall. I need some info about source and destination nat in dual isp scenario, i read many post about dual isp scenario in this forum but most talk abou...

Resolved! Importing cert problems

Hello Gurus,I generated CSR outside of panorama, trouble importing cert, is this allowed?When choose import cert(device->Import cert) & private key nothing happens/i see importing screen for everAll my certs are in pem format.RegardsBabu

wildfire logs showing allow action for malicious url

Two wildifire logs (16 July and 20 July ) are showing for same url with malicious verdict and action is allow. We have checked wildfire report of both logs , all information is same (same hash value , first timestamp seen is 7 July etc. ).If same url is identified in 7 July then why its showing in wildifre submission logs. Also why action is al...

Deepak_K by L3 Networker
  • 2388 Views
  • 1 replies
  • 0 Likes

Global Protect Client won't reestablishment connection after update

Hi, currently, I have a problem with the Global Protect Client Update.After using the GP Client version 5.1.1 I updated to GP 5.1.5 but after the update the connection refuses to re-establish the connection. The KBArticle (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkSCAS) says the expected behavior is a reestabli...

  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks