This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

High DP utilization alert

Palo-Alto event “Dataplane under sever load” triggers when the CPU utilization is 100%. In Palo-Alto firewall is there any option to set threshold for the CPU Dataplane , means if CPU Utilization is to 90 or 80% it will generate alert in system logs and that we can use it to receive via email.

Deepak_K by L3 Networker
  • 4673 Views
  • 1 replies
  • 0 Likes

Resolved! HA Path Monitoring using virtual-router

So, I am new to Palo Alto firewalls and have had an interesting time getting to know their functions. I have a question which I have not been able to find the answer on regarding HA path monitoring setup specifically with a virtual router. Albeit, I have only been looking for a few days.According to my understanding, when you setup path monito...

Unable to Upgrade a PA-3050

I've purchased a used PA-3050 that's currently running version 5.06 to 6.0, but I'm running into trouble with first upgrading the content version. I'm getting an error about needing content version 401 or greater. I've tried to do a content update via Panorama. Would this document be the only way to upgrade: https://knowledgebase.paloaltonetwork...

Resolved! User-ID Struggles with picking up computer account logons

Hello! I have an open ticket with Palo Alto for our 5020 series and User-ID problems. My organization has been using PA for years and we never had issues with the User-ID portion until after moving into version 8 (it would seem). Support hasnt been much help for this question, so I want to figure out what your doing for this. I have our User-ID ...

Global Protect Enforcing VPN

Hello, I need to enforce VPN so users will not be able to access Internet unless tunnel is establish or wired corporate network is connected. Users should also be required to supply credentials and MFA every time the tunnel is built when accessing from external networks. Once the laptop is inside on the corporate network the connection should no...

SSL inspection decrypt error from some client

Hello to all, We have a linux website that we made working with inbound ssl inspection by disabling curve25519 / x25519.Some clients report errors ( always showing as decrypt errors on the monitoring) accessing the site: by taking a networrk trace on the firewall side it seems like all the client are trying to negotiate TLS V1.If I try with the ...

Adding multiple client certificate in Linux GP agent

Hi Community, I have a requirement to add multiple client certificate into Linux GP config. Usually, whe we put 'globalprotect import-certificate --location <cert_location>', the existing client cert will be overridden with the new one and it will be imported as pan_client_cert.pfx under /opt/paloaltonetworks/globalprotect .. Is there a wa...

Resolved! TLS 1.3 Downgrade Detected error - PAN-OS 9.0.9

Hello Everyone,I am running PAN-OS 9.0.9 on my PA-3020. When enabling SSL forward proxy and try to access google.com, I get the tls13_downgradedetected error on chrome. I get the same problem even when using other browsers but different error description. When I first applied the SSL forward proxy configuration, I was running PAN-OS 8.1.3. So I...

PaloAlto VM Tools VIX_E_TOOLS_NOT_RUNNING using PowerCLI to Invoke-VMScript

Trying to configure my PaloAlto Firewall (PA-VM-ESX-9.0.0) using PowerCLI scripting, no issue creating & deploying VM, setting up PortGroups, and starting PA VM. Needing to perform IP configuration scripting to complete the setup of the PA VM, so just trying to test a very simple script = 'show system info' against the PA VM. Looking at th...

wilgus by L0 Member
  • 3889 Views
  • 1 replies
  • 0 Likes

Resolved! Shadow Rule Warning

Hi, Recently I upgrades my firewall from PANOS 8.0.10 to 8.0.17. The upgrade went fine. However, after making a small configuration change (adding a new address object), my commit showed a Shadow Rule warning. The warning is associated with a rule that I have that is designed to Deny traffic from ANY zone and ANY application whose destinatio...

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks