This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

VLAN entry

Hi I have a network with IP addresses in the range of 192.168.100 and 192.168.130 on two singular network cards on the same machine on the local network. Port 4 on the firewall is plugged into another device with the .130 range IP. Port 1 on the firewall is plugged into the local network. I can’t contact the other device from the machine. Any ...

Update to 8.0.6 appears to have broken IPSec tunnel connections

Since our PA updated we've had a problem with one IPSec Tunnel not routing correctly. It appears to relate to just one Proxy ID but I've checked all and they're exactly the same as the PFSense box we're connecting to. Everything was fine until the update to 8.0.6. I've followed this KB... https://live.paloaltonetworks.com/t5/Management-Articles/...

Resolved! HA Status Options UnKnown or Down

I have a pair of Palo-220's that I've pushed my templates to from Panorama and now the HA options on both devices are in an UnKnown or Down state. These templates have been pushed out to multiple other pairs I have setup alos but this pair is only one to have the issue. I have a case open and have been on hold with Support now for over an hour s...

thambright_0-1590770397016.png

can we import duplicate Ccommon name certificate of diffrent vendon?

We already using sectigo cert for gp gateway *.example.com. We have purchased same wildcard certificate from reddit.Sectigo certficate is going to expire before that we want to test GP gateway on new certificate signed by reddit.We will configure GP on our secondary ISP and will create DNS host entry in our machine to test the same. Can we impor...

Deepak_K by L3 Networker
  • 2298 Views
  • 1 replies
  • 0 Likes

Resolved! How to handle outlook repeatedly retrying blocked file downloads

In File Blocking Security Profile, I am blocking encrypted pdfs. Looking at the Data Filtering Logs, every few seconds office365-enterprise-access application is trying to download encrypted pdf and it gets denied. There also is not file name listed, so it's not clear how I can attribute this to a message and delete it. How are other people ha...

Resolved! Issues with https://urlfiltering.paloaltonetworks.com/

Hello Everyone, I am trying to recategorize a website using https://urlfiltering.paloaltonetworks.com/ I selected the correct category in my opinion, gave a quick explanation in the comment and then got the following error message after some processing time: "Your submit has some problems. Please try again!" I tried a couple of different website...

Query on DH group for IPSEC VPN

We are having issue in building an IPSEC tunnel on a Palo firewall. Using ver 9.1.2. Getting below error 'IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP... The peer IP type is Dynamic with no proxy ID in use. We are using IKEv1, DPD is disabled, NAT-t is enabled, Phase1 & 2 are matching at ...

NSX-T east-west traffic integration sizing question.

Hi,I have a question about using palo alto for east west traffic inspection in an NSX-T environment. There are 2 deployment models in a service cluster and per host model. https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-nsx/set-up-the-vm-series-firewall-on-nsx-t-east-west/supported-deployment...

GOMEZZZ by L2 Linker
  • 3013 Views
  • 1 replies
  • 0 Likes

Palo Alto hardware without license limits

Yes, I already know without license i don't get the following but i want know about like VPN, firewall rules and etc.. limits1. Security profiles (Anti-Virus, Anti-Spyware, URL Filtering, Wildfire) will not work2. Clientless GlobalProtect, HIP will not work3. All the updates will not work (software and dynamic) I know the virtual firewall limits...

Custom BlackList

I have a custom blacklist and when i try to import text files with URL it failanybody know what problem is can be?

Global Protect - Split Tunnel not Disabled

I am having an issue with both windows and Mac clients.I have enabled the no direct access to local subnets option but I am still able to browse to my local router and I am getting reports of users being able to access local printers.currently the access include and exclude networks are blank.The GP solution is on a VM in AWS on FW version 9.0.7...

SebastB1 by L0 Member
  • 3786 Views
  • 3 replies
  • 0 Likes

Resolved! GRE support on PAN?

HiIs it possible to terminate GRE tunnels on PAN device?I'm planning to have multiple IPSec tunnels from all branch offices connecting to PA-2020 firewall, in each of these I would like to have GRE tunnel and then OSPF running, so in short: GRE over IPsec + OSPF. Is it possible? Apparently OSPF over IPSec is supported 'out of the box' on PAN OS,...

Applications are not opening properly from the Clientless VPN

We have configured a clientless application on PA. It s working fine it's taking to the application, Following the Home page and other contents are accessing but from there we not able to open few the popup menu tabs from the application.Application is based on IP, not URL base. please find the details with Clientless VPN.https://XXX.XX.X.XX/htt...

Clientless VPN not resolving URL domain names

I recently set up the Clientless VPN feature in PAN-OS 8.0 and I'm having problems with the domain names for the Clientless Apps not resolving. I added a DNS Proxy in the Clientless VPN section of the GlobalProtect Portal that is associated to the GP Portal interface and the interface that's connected to the network where the Clientless App live...

jwolach by L4 Transporter
  • 6420 Views
  • 4 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks