This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4437 Views
  • 0 replies
  • 0 Likes

Bug Search Tool (New Feature & UI)

Hi all, A colleague of mine asked if it was possible to search for specific URLs or IP addresses in PAN hosted EDLs, to help figure out which EDLs they might be part of, which i found out it's not. It's pretty tedious to go through all the EDLs at https://docs.paloaltonetworks.com/resources/edl-hosting-service, so i decided to add this feature...

KasperTjellesen_3-1741174535669.png
KasperTjellesen_4-1741174580034.png
KasperTjellesen_5-1741174595294.png

Transitioning Free Trial to paid subscription

We selected the paid PA-VM subscription that includes the 15 day free trial. It looks like it won't be fully licensed until the end of the 15 day trial period. Can we skip that and enable now to get access to the support portal and wildfire api key?

Detecting Or Hunting For CVE-2025-0108

Hello Folks, I am looking for a ways to detect the attempt for this vulnerability through SIEM. Based on the blogs available the vulnerability can be exploited by accessing URL with "unauth" on management interface. So I am thinking to look for web interface access logs with keyword "unauth". However, I would like your help to get below detail...

IPSec tunnel over IPSec tunnel not working

Has anyone ever done tunnel-over-tunnel on the PaloAlto (to Cisco/etc.)? I have been having problems getting traffic to return to a remote site. I normally have multiple IPSec tunnels to remote sites (carrying specific isolated VLAN/networks) over a private WLAN, the tunnels tied to specific Network Zones on the PaloAlto. Recently I had to setup...

Add backup GlobalProtect portal to GlobalProtect client

On our PA-1410 under Network - GlobalProtect - Portals - each of our portals (one on each interface for each ISP) - Agent - Agent Config - External Gateway I added gp2.domain.com to go along with gp.domain.com. I was thinking (hoping) that would update the GlobalProtect client to add the gp2.domain.com to the GlobalProtect client as a failover ...

VPN tunnel flapping after the 11.1.4-h7 upgrade

We have upgraded our FW to 11.1.4-h7. After the upgrade the IPSEC tunnels were working fine. But from the past 2 days we are observing that tunnels are flapping and one of the tunnel is down due to phase-1 negotiation failure due to timeout. Does anyone else facing the same issue? or faced the issue earlier like this?

PAN-OS 10.2 preferred release Vs. vulnerabilities

Hello everyone, maybe this is a silly question, but as far as I can see the current PAN-OS 10.2 preferred release dates back in november and does not include fixes for recently discovered vulnerabilities (CVE-2025-0108, for example). I usually put a vulnerability protection profile in front of my management networks, but this vulnerability i...

grenzi by L3 Networker
  • 2207 Views
  • 4 replies
  • 0 Likes

GlobalProtect requires token twice - Possible RSA inconvenience

Hi Community. I have an issue on GP: it makes requests for token twice to get through VPN to my network. I discovered the RSAs feature "Next Token Code Mode", but believe PA (5050 - PAN-OS 7.1.10) has nothing to do when a NTC is requested, so I recommended my customer to open a case with RSA. Instead, my customer told me RSA answered this: https...

gastong by L0 Member
  • 17016 Views
  • 7 replies
  • 1 Likes

Lab license for Palo Alto

How hard is it to get a lab license from a Vendor such as CDW. Last week I went to their website and purchased 'PAN-PA-410-USG-BND-LAB'. Today I looked and saw it as canceled. Still trying to find out why it was canceled. The cost of $104 which I put on my credit card

Resolved! Anyone experiencing slow websites with PANOS patched for CVE-2024-0012/CVE-2024-9474?

Is anyone else experiencing intermittent slow website access with the recent hot patches for CVEs? Currently running 10.2.9-h16 and having intermittent issues with some websites, some users, while others have no issues. I can't find anything in the PaloAlto logs that indicate any problems (no threat, AV, reset connections, decryption failures, e...

Resolved! CVE-2025-0110

"Can anyone confirm whether CVE-2025-0110 affects Cloud NGFW firewall? Any relevant details would be appreciated." Cloud NGFW for AWS Cloud NGFW for Azure https://security.paloaltonetworks.com/CVE-2025-0110

Suraj639 by L0 Member
  • 1281 Views
  • 1 replies
  • 0 Likes

Upgrade path question

We have a second Palo Alto that we want to upgrade and then use as a High Availability device to work with our current operational firewall. It had been used before, but is currently offline. I was following the upgrade path from 9.0.13 to 10.2.13-h4 (latest version I could find for the 10.2.* family). I was experimenting to see what worked du...

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks