This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4390 Views
  • 0 replies
  • 0 Likes

Global Protect Gateway

Hi everybody, I'm getting through this issue: although we have 3 gateways configured in our portal, my GP client allways connect to the same one. How to deal with this client behavior?Tks in advance

Email Alerts for Reporting

How we can set up email Alert for report We have an O365 email environment that is based on Azure Cloud. looking for Email alerts for reporting and My Email ID has MFA for accessing the emails. Now I have applied my Email ID in the Palo Alto 3060 for report sending. after applying Email Profile and Attempt to test the Email-scheduler. An Error t...

Resolved! Keeping UID to IP address Associations Current - A.K.A. UID Refreshes / Timeouts / Confirmations

This is a question about how a firewall, FW, keeps IP to UID associations current/up-to-date in an environment where such associations might be changing every few seconds. A FW associates a UID with an internal IP address, e.g. 10.10.10.10, which has no UID associated with it. Let's say that I logon as ipj1965 from 10.10.10.10. The first time a ...

Resolved! forcefully logout all GP users from gateways

Hi Anyone, I'm trying to logout all GP VPN users forcefully logout from the gateway either doesn't logout users or no errors throwing on command as well >request global-protect-gateway client-logout gateway gp-gateway reason force-logout user * computer * Login & logout time is same before and after execute this commands. Please let me kn...

Karup by L1 Bithead
  • 11708 Views
  • 4 replies
  • 0 Likes

SSL Inbound Decryption and PA

Hi Everyone, Learned something new from you today.We are going to enable SSL decryption for Inbound traffic coming from Internet to our web servers.Need to know when does PA intercept the traffic coming form Internet to the web server which is hosting the website? During 3 way TCP handshake or when first Data packet comes? RegardsMP

MP18 by Cyber Elite
  • 3122 Views
  • 3 replies
  • 0 Likes

Eventid eq routed-OSPF-neighbor-down

PAN-OS - 8.1.12 Want to understand the below Massage and Why it occurs ?? >less mp-log routed.log 2020-04-15 09:28:05.296 +0400 TM_SPF: start full SPF calculation rid 172.16.80.162020-04-15 09:28:05.296 +0400 TM_SPF: Do the full SPF calculation rid 172.16.80.162020-04-15 09:28:05.296 +0400 TM_SPF: full routing calculation finished rid 172.16....

PAN GPA Service issue error - return error code = 10061.

PAN GPA is giving error , checking service on PC it reports stopped when I try to connect through agent. Tried to uninstall and install again , did not help. anyone faced same issue ? T14992) 04/17/20 08:50:44:186 Debug( 692): CAC, name is DigitalMediaDevices(T14992) 04/17/20 08:50:47:523 Info ( 246): InitWinConnection ...(T14992) 04/17/20 08:5...

Resolved! Configuration of Security Profiles

Hello, I have a question related to the actions that I can configure in Security Profile. Specifically, Vulnerability Protection. What happens if I set the action as "Alert"? Will it drop the connection? Or the connection will be permitted, and it just logs the traffic of the malicious action executed? Regards,

iscott by L2 Linker
  • 2731 Views
  • 1 replies
  • 0 Likes

Active/Passive vs. Active/Active

I am currently working on a network redesign project with all Cisco gear. Our network engineer is opting for a complete HSRP Active/Active environment. According to all deployment documentation, HA Active/Passive seems to be the preferred methed for the Palo Alto's. I see that the PA's do support A/A HA using VRRP, so I do not see a configuratio...

Resolved! Need Upgrade Tips

I am planning to upgrade Panorama and my few HA clusters to version 9.0.6. Currently all these are on 9.0.3-h3.Need your experience on 9.0.6 if anyone is already running on it. Is there any unknown issue/bug observed on this version?I have completely aware of known issues but just wanted to check if anyone observed any bug on this version and cr...

johnde by L2 Linker
  • 5765 Views
  • 4 replies
  • 0 Likes

Resolved! SSL Inbound Decryption and Certificate with Wildcard mask

Hi Everyone, Hope everyone is staying home and Safe.I need to import the certificate and the private keys to the firewall from the web servers.We have this certificate say *.city.ca and this is associated with few websites like maps.city.ca. or recruiting.city.caAll these urls have same public IP address say 209.x.x.x When I import the certific...

MP18 by Cyber Elite
  • 3644 Views
  • 2 replies
  • 0 Likes

Question about Service Route Configuration

I just inherited a PA-820 and know nothing about this device. It's unable to connect to the cloud for updates. Currently it's service route is set as the default (Management Interface). I was told by support to switch it to an untrusted interface to resolve this. I can see how that is done via this article: https://knowledgebase.paloaltonetw...

Cmaddox by L0 Member
  • 4558 Views
  • 2 replies
  • 0 Likes

Cannot check for new Dynamic Updates

Hello, I have a PA-200, version 7.0.10 (I know, too old) I'm planning an upgrade to 8.1, but I understand that I have to download Dynamic Updates before upgrade, am I right? The issue is that I can't Check for Dynamic Updates, I've tried with Check Now, but nothing happened, neither with command request content upgrade check: Version Size Releas...

emendezo by L1 Bithead
  • 6107 Views
  • 6 replies
  • 0 Likes

Files' upload problems

Hi.I'm searching for someone can help me.My problem started when I tried to upload custom logo for the login page.The upload fails becouse the process blocks itself and never ends.I had the idea to try the "Import named configuration snapshot" function in the same web page of PA3260 administration site.Thinking it would be failed, I used the log...

  • 24370 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks