This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! HA Status Options UnKnown or Down

I have a pair of Palo-220's that I've pushed my templates to from Panorama and now the HA options on both devices are in an UnKnown or Down state. These templates have been pushed out to multiple other pairs I have setup alos but this pair is only one to have the issue. I have a case open and have been on hold with Support now for over an hour s...

thambright_0-1590770397016.png

can we import duplicate Ccommon name certificate of diffrent vendon?

We already using sectigo cert for gp gateway *.example.com. We have purchased same wildcard certificate from reddit.Sectigo certficate is going to expire before that we want to test GP gateway on new certificate signed by reddit.We will configure GP on our secondary ISP and will create DNS host entry in our machine to test the same. Can we impor...

Deepak_K by L3 Networker
  • 2292 Views
  • 1 replies
  • 0 Likes

Resolved! How to handle outlook repeatedly retrying blocked file downloads

In File Blocking Security Profile, I am blocking encrypted pdfs. Looking at the Data Filtering Logs, every few seconds office365-enterprise-access application is trying to download encrypted pdf and it gets denied. There also is not file name listed, so it's not clear how I can attribute this to a message and delete it. How are other people ha...

Resolved! Issues with https://urlfiltering.paloaltonetworks.com/

Hello Everyone, I am trying to recategorize a website using https://urlfiltering.paloaltonetworks.com/ I selected the correct category in my opinion, gave a quick explanation in the comment and then got the following error message after some processing time: "Your submit has some problems. Please try again!" I tried a couple of different website...

Query on DH group for IPSEC VPN

We are having issue in building an IPSEC tunnel on a Palo firewall. Using ver 9.1.2. Getting below error 'IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP... The peer IP type is Dynamic with no proxy ID in use. We are using IKEv1, DPD is disabled, NAT-t is enabled, Phase1 & 2 are matching at ...

NSX-T east-west traffic integration sizing question.

Hi,I have a question about using palo alto for east west traffic inspection in an NSX-T environment. There are 2 deployment models in a service cluster and per host model. https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-nsx/set-up-the-vm-series-firewall-on-nsx-t-east-west/supported-deployment...

GOMEZZZ by L2 Linker
  • 3008 Views
  • 1 replies
  • 0 Likes

Palo Alto hardware without license limits

Yes, I already know without license i don't get the following but i want know about like VPN, firewall rules and etc.. limits1. Security profiles (Anti-Virus, Anti-Spyware, URL Filtering, Wildfire) will not work2. Clientless GlobalProtect, HIP will not work3. All the updates will not work (software and dynamic) I know the virtual firewall limits...

Custom BlackList

I have a custom blacklist and when i try to import text files with URL it failanybody know what problem is can be?

Global Protect - Split Tunnel not Disabled

I am having an issue with both windows and Mac clients.I have enabled the no direct access to local subnets option but I am still able to browse to my local router and I am getting reports of users being able to access local printers.currently the access include and exclude networks are blank.The GP solution is on a VM in AWS on FW version 9.0.7...

SebastB1 by L0 Member
  • 3785 Views
  • 3 replies
  • 0 Likes

Resolved! GRE support on PAN?

HiIs it possible to terminate GRE tunnels on PAN device?I'm planning to have multiple IPSec tunnels from all branch offices connecting to PA-2020 firewall, in each of these I would like to have GRE tunnel and then OSPF running, so in short: GRE over IPsec + OSPF. Is it possible? Apparently OSPF over IPSec is supported 'out of the box' on PAN OS,...

Applications are not opening properly from the Clientless VPN

We have configured a clientless application on PA. It s working fine it's taking to the application, Following the Home page and other contents are accessing but from there we not able to open few the popup menu tabs from the application.Application is based on IP, not URL base. please find the details with Clientless VPN.https://XXX.XX.X.XX/htt...

Clientless VPN not resolving URL domain names

I recently set up the Clientless VPN feature in PAN-OS 8.0 and I'm having problems with the domain names for the Clientless Apps not resolving. I added a DNS Proxy in the Clientless VPN section of the GlobalProtect Portal that is associated to the GP Portal interface and the interface that's connected to the network where the Clientless App live...

jwolach by L4 Transporter
  • 6418 Views
  • 4 replies
  • 0 Likes

JAVA Webportal ist not completly working With Clientless SSL Webvpn

I have a problem with my PaloAlto Firewall 3020 Clientless SSL Webvpn., our JAVA Webportal ist not completly working.Our clientless SSL Web Portal is running on PaloAlto Firewall 3020 with Version 9.7It is comming the following Error."ClassNotFoundException"Has somebody the same problem?I need a solution, because we are using this solution for U...

Mudather by L0 Member
  • 3037 Views
  • 2 replies
  • 0 Likes

HA Configuration Giude

I've been using firewalls for years, but in the last 12 months I've made the switch to PA, and I've been learning it slowly.As part of this, I created a video on how to configure HA, but also on how HA works (HA types, link types, failover handling, etc). I hope this is able to help out someone else who is also learning:https://www.youtube.com/w...

Luke_R by L2 Linker
  • 3436 Views
  • 2 replies
  • 1 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks