General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Trunked interfaces spanning multiple interfaces

Hi,

I'm relatively new to Palo Alto firewalls - does anyone know if this is possible? Firewall needs to control traffic between VLAN10/Internet, VLAN20/Internet & between VLAN10/VLAN20.

Thanks in advance.

refresh connection option in GP agent allowing users to disconnect GP

We disallowed users to disable global protect app in Portal > app configuration setting , but still due to refresh connection option user able to disconnect GP and using local internet for browsing.

We don't want to disable GP icon from system tray du

...

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Hello Folks,

I'm trying to set up my Palo Alto to do Policy Based Forwarding.

Does PA do NAT before Policy Based Forwarding???

I've created Policy based forwarding to send traffic to an interface, if it is sourced from an address. 10.0.0.0/24

BUT it'

...

Resolved! Panormoa - HA (Panoroma Mode) on VM minimum log disk size requirement

I went through the specification and found that minimum required log disk size is 2TB and then can be increased by factor of 2. Is it the strict minimum requirement or can we set up panorama ( Panoroma mode) with log disk lesser than 2TB ( e.g. 700GB...

Workaround for GPC-9415 Issue ID

Hi Team,

Just want to know whether is there any workaround for the mentioned GPC issue ID.

Issue ID : GPC-9415 (For the GUI version of the GlobalProtect app for Linux, SAML authentication with Microsoft Azure does not work on Ubuntu 1804 or greater v

...

Resolved! how to create policy and how to identify which ports are being used on PAN

Hi Guys,

I am new to Palo Alto. I recently joined the firm and they are using any any as policy for internal to Public, Internal to WAN zone. My tasks is to identify the ports which are being used and apply the ACL.

My question to experts is how to f

...

Panorama not receiving logs after rebuilding with new OVA

We had to rebuild Panorama from new OVA file. It is on version 9.0.8 and running on vmware.

Firewalls are all in-sync

This is the disk status on panorama

adm-rajrupindertoor@Panoramanv1> show system disk-space

Filesystem Size Used Avail Use% Mounted on

...

Problem renewing ssl certificates with global protect portal

Hi all,

I have the following problem. We have an ssl certificate (public ca) and this renews end of this month. We use ssl.domain.xx as gateway. Since we have to renew our certificate I ordered Networksolutions certificate and installed this within th

...

Resolved! What is the preferred way to monitor vmware view environments for User-ID?

How are others monitoring their Vmware view / horizon environments for user-id?

I see there is a terminal services agent you can use, (looks like you can only install on windows and citrix) but I haven't found specifics on actually monitoring the vmwa

...

Resolved! Log Collector question

Please explain:

Panorama must be running the same (or later) software release as Log Collectors but must have the same or an earlier content release version:

Software release version
—If your Panorama management server is not already running the same o

...

PA-850 NGFW vs Fortinet 300E

Would you guys agree that the PA-850 is the model equivalent of the Fortinet 300E?

Just doing a bit of research

Resolved! Encyrption domains / proxy ID

Hi,

I am new to setting up VPN tunnels from Palo Alto to a 3rd party firewall and I'm unsure how to setup the proxy IDs for the tunnel config. On the local side I have 9 x /32 addresses and on the remote side there are 7 x /25 subnet addresses. Do I

...

NTP sync to server 0.pool.ntp.org failed

Hello all,

we run an upgrade on our Panorama to 9.0.7.

Since a few days, I'm receiving this warning:

NTP sync to server SERVER failed, authentication type none

Same message for primary and secondary NTP server.

I switched from internal to external NTP

...

Trying to install Global Protect VPN client

Hello All..

I am trying to install the GlobalProtect VPN client on a Windows 10 box and am having difficulties.

The machine already has the Cisco AnyConnect client on it.

The install seems to complete OK, but when I try to connect with the client it nev

...

Panorama upgrade failing 9.0.5 to 9.0.8

I am getting below message at around 70%

Operation

Software Install

Status

Completed

Result

Failed

Details

Failed to install 9.0.8 with the following errors.
SW version is 9.0.8
Installing [content ] into partition "pancfg"
Nothing to install into /mnt/swm

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free