This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Migrate config from Sophos UTM9 to Palo

hi, I need to migrate a Sophos UTM9 FW. It has proxy config, nats, LDAP integration, policies........... to Palo Alto firewall Is there any tool to migrate Sophos to Palo. Expedition not support Sophos 😞 any idea? thanks

BigPalo by L4 Transporter
  • 399 Views
  • 1 replies
  • 0 Likes

Resolved! Panorama API ServiceNow integration, getting Hit Counts

Dear Community We try to get out the hit counts from the API connection between Panorama and ServiceNow. Is there someone in the community who has experience where the hit counts can be read out? Within the API documentation, we were not able to get more details. We are able to read the whole rules, their object groups and also the objects. Bu...

Sectigo Root CA Trusted Store Request

Greetings, Sectigo has (recently) updated their Public Root Certificates (mid-2025), introducing new roots including: - RSA: Sectigo Public Server Authentication Root R46(https://crt.sh/?d=4256644734) KB Articles for reference: https://www.sectigo.com/knowledge-base/detail/Sectigo-Root-Certificates https://www.sectigo.com/knowledge-base/deta...

L.Yalezo by L1 Bithead
  • 6806 Views
  • 8 replies
  • 1 Likes

Resolved! Custom URL Category Configuration Verification.

Is anyone able to confirm this for me by chance? I'm trying to do some testing, but being able to find independent confirmation would be a nice comfort to me. In a Custom URL category list, is an entry like:abc.com/ equivalent to:abc.com/*? Thanks!Thanks!

"Bugs" on Syslog Field Descriptions documentation PAN-OS 11.1+

I found a lot of "bugs": typos, missing fields, unstandarized naming, etc. in the Syslog Field Descriptions documentation PAN-OS 11.1+ All the inconsistencies are documented in https://github.com/enotspe/palos/blob/main/EDGE_CASES.md Hopefully Palo Alto team will correct it

enotspe by L0 Member
  • 1523 Views
  • 2 replies
  • 0 Likes

Ground Stud: Who Needs 'Em, Really?

Many devices seem to come with a Ground Stud on the back (ground cable not included, of course). It just occurred to me that I can't think of a single time I've seen this used. So... I'm not very electrically-inclined... I couldn't explain 3 phase power, and I still can't wrap my head around the difference between watts and volt-amps (seeing ...

locampo by L2 Linker
  • 1314 Views
  • 2 replies
  • 0 Likes

Question about ECH and its effect on URL filtering (without decryption) + how to block it

Hi team We have received reports from users regarding URL filtering behavior and are investigating whether ECH (Encrypted Client Hello) is the cause. In our environment, we cannot apply SSL decryption, so we rely on inspecting the SNIin the ssl_client_hello. In Wireshark captures of the TLS ClientHello, we see the extension “encrypted_client_hel...

Alpalo by L4 Transporter
  • 1822 Views
  • 1 replies
  • 0 Likes

Avaya ports Blocking

Hello, We recently installed Avaya UCS and are currently using the Avaya Workplace application. For this setup, we configured the required security rules on our Palo Alto Networks PA-440 firewall. However, we are experiencing an issue when applying specific ports in the security policy. We tested the following scenarios: Security Rule Config...

Wildfire False Positive on Detection of .XLSX extension

Wildfire False Positive on Detection of .XLSX extensionfrom Feb 24th,2026. In our organization started receiving wildfire alerts as information severity for the office extensions files for example. .xlsx files. hash value : 6e81b1b3fc08fb5f481d8882caeeafdf89f1c054abc71d4645da25f6b1ac516bclean as per analysis and sandbox analysis also clean leg...

Screen reader Application hang

We are seeing issues whereby JAWS Screen Reader ‘hangs intermittently’ creating a full grey screen in windows with spinning eggtimer once clicked the application closes and creates a windows hang event. limited dump logs have identified a potential root cause of cortex, global protect or potentially DEM agent. is there a way to see what if a...

Import Certificate using new Cloud Option

Hi Has anyone recently imported any SSL certificate using the new Cloud option where it lets import AWS/AZURE certificates on panorama (photo attached). How does this feature work, it only lets you put the Cloud Secret name, tried putting the ARN but it errors out.. Panorama is integrated with AWS tenant for Cloud ngfw management, so is it usi...

Failed to validate client certificate, thread : 0, 1-0!

Hi team Version PA 11.1.6-h3 Model 1420 Version USER_ID 11.0.1 Windows 2019 We have had an incident with the User ID agents, which have been disconnected from the firewall. In the logs of the firewall itself the error message was: “Redistribution Agent <agent name>: details: close connection to agent”. On the other hand, reviewing the ag...

Alpalo by L4 Transporter
  • 1317 Views
  • 2 replies
  • 1 Likes

Resolved! URL Category - Is a trailing / necessary when adding sites?

This question relates to the creation of URL Category objects. When adding a new site, PAN-OS shows the following disclaimer: "For domain entries, we recommend you use an ending token. Acceptable tokens are: . / ? & = ; +. If you choose not to use an ending token, you may block or allow more URLs than anticipated. For example, if you want to...

deeryolk by L1 Bithead
  • 2495 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks