This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Global Protect config problem: The server certificate is invalid.

Hi, In lab i am trying to setup a simple global protect configuration where the gateway and portal are on the same IP and just using local user authentication. I have a certificate for my my public IP from let's ecnrypt and have imported this into palo alto. I am able to connect to the portal without any certificate issues. But when connectin...

GOMEZZZ by L2 Linker
  • 58124 Views
  • 10 replies
  • 0 Likes

Resolved! URL filtering sequence in Panos 9.0

We are going to upgrade the PAN NGFW from 8.1 to 9.0I have below queriescase 1 : if we have below setting in URL filtering profile will be able to block facebook.com ?custom category_block* - facebook.com - blockcustom category_allow* - facebook.com - allowpredefined category - social networking - block case 2 : if we have below setting in URL ...

Deepak_K by L3 Networker
  • 3328 Views
  • 1 replies
  • 0 Likes

Resolved! How much time Panorama will be down if we upgrade it to 9.0

As per the attached image, its suggested to take maintenance window of 6 hours for Panorama upgrade activity. Also we cannot move ahead for firewall upgrade unless logging updated on Panorama.We are storing logs in Panorama-M200 and not using any device (log collector) to store the logs. can we ignore the recommended points.If its applicable to ...

Panorama.PNG
Deepak_K by L3 Networker
  • 4541 Views
  • 1 replies
  • 0 Likes

Unable to register a used PA-500 Firewall

Hey, I recently bought a PA-500 Firewall on eBay for testing in my Lab. Unfortunately, I can’t register it at Palo Alto Website, because it is already registered. So I can’t get access to resources like Firmware-Upgrades or even get access to a LAB-License… < Unfortunatelly I can't open a case because you need a registred device (or a device ...

Resolved! AE Interface State when Connected to Switch LAG

I'm working on an HA project, but can't get the interfaces to negotiate.2 x PA-3220 v8.1 2 x Dell N4032F switches latest recommended firmware The firewalls are setup for active/passive HA and the switches are configured for MLAG and have a LAG setup to connect to the firewalls. The PA ae interface on the active firewall shows one physical in...

Resolved! Want to upgrade only Panorama to panos 9.0

In PAN OS 9.0 multiple URL category feature is added(high, medium and low risk category).Is there any issue if we only upgrade panorama to 9.0 and not a managed firewalls ?We should not face configuration or commit issue as panorama and firewall will be on different platform.

Deepak_K by L3 Networker
  • 2493 Views
  • 1 replies
  • 0 Likes

Ipsec Tunnel Failover issue

We have a PA-3020 firewall pair that has multiple IPsec tunnels to a VM series pair in AWS. We have 4 IPsec tunnels that we run to the firewalls. They are: Tunnel A - On Prem to AWS FW1 over Direct ConnectTunnel B - On Prem to AWS FW2 over Direct ConnectTunnel C - On Prem to AWS FW1 over Public InternetTunnel D - On Prem to AWS FW1 over Public I...

Fr4nk4 by L2 Linker
  • 4658 Views
  • 1 replies
  • 0 Likes

Resolved! Lock down VPN for certain users

I am fairly new to Palo Alto so please forgive me if this is a simple answer or answered somewhere else.I have a requirement to lock down our Global protect for our vendors. Here is what I have.I have group mappings and User-ID mappings set up and working fine.I have 2 GP portals and 2 gateways set up. 1 portal\gateway for company users and 1 po...

refresh connection option in GP agent allowing users to disconnect GP

We disallowed users to disable global protect app in Portal > app configuration setting , but still due to refresh connection option user able to disconnect GP and using local internet for browsing.We don't want to disable GP icon from system tray due to password change policy.Also enforce global protect for network resource option in app set...

Deepak_K by L3 Networker
  • 6581 Views
  • 3 replies
  • 0 Likes

Resolved! Does Palo Alto do NAT before doing Policy Based Forwarding

Hello Folks,I'm trying to set up my Palo Alto to do Policy Based Forwarding. Does PA do NAT before Policy Based Forwarding??? I've created Policy based forwarding to send traffic to an interface, if it is sourced from an address. 10.0.0.0/24 BUT it's seems to be failing ... sometimes. I've noticed that it fails when the source traffic is NATTED...

Jedi_D by L2 Linker
  • 15325 Views
  • 5 replies
  • 0 Likes

Workaround for GPC-9415 Issue ID

Hi Team, Just want to know whether is there any workaround for the mentioned GPC issue ID. Issue ID : GPC-9415 (For the GUI version of the GlobalProtect app for Linux, SAML authentication with Microsoft Azure does not work on Ubuntu 1804 or greater versions.)Note: Below this Ubuntu version it works. On Firewall GP Agent activated version : 5.0.6...

SahulH by L3 Networker
  • 3229 Views
  • 1 replies
  • 0 Likes

Resolved! how to create policy and how to identify which ports are being used on PAN

Hi Guys, I am new to Palo Alto. I recently joined the firm and they are using any any as policy for internal to Public, Internal to WAN zone. My tasks is to identify the ports which are being used and apply the ACL. My question to experts is how to find out which ports are being used and how should I apply this ACL on PAN. I have little idea tha...

shafi021 by L2 Linker
  • 9568 Views
  • 5 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks