This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4469 Views
  • 0 replies
  • 0 Likes

unknown port 137 from GP users to Public IPs

I have GP users whose logs show multiple attempts to public IPs on port 137. I have checked this KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClLfCAK and made sure user-id is not enabled on Internet interface but I have it enabled on GP interface.Image above shows the NBNS pcap captured on firewall.Anyone experien...

Capture.PNG

SSL Decrypt on Virtual Wire deployment Certificate Issue (Chrome)

I have my PA-200 on virtual wire mode with Captive Portal using SSL Decrypt for all users with Self Signed Certificate.When the users try to navigate on crhrome browser to internet they receive NET::ERR_CERT_COMMON_NAME_INVALID that doesn't permit to bypass for go to untrust site. When i manually enter a site that support http or another certifi...

WhatsApp Image 2020-03-25 at 19.20.07.jpeg
WhatsApp Image 2020-03-25 at 19.43.51.jpeg
RPerez11 by L0 Member
  • 3886 Views
  • 1 replies
  • 0 Likes

MacOS connection errors while using GlobalProtect VPN client 5.0.8-4

Hi folks, So i'm having pretty bad vpn problems while working from home. It's been happening for a while, but now that I'm working remotely every day, it's become unbearable. I hope someone can assist. This is how it goes: I connect to my work vpn and after some time (maybe 10-15min, sometimes longer and sometimes shorter), requests to remote sy...

ClintP by L1 Bithead
  • 6805 Views
  • 4 replies
  • 0 Likes

Login with globalprotect before windows login

Is it not possible in some way to launch the client from the Windows login screen, create a tunnel with the users credentials, and THEN log in to Windows? Or is the only way going the machine certificate route?

gyrodude by L0 Member
  • 4979 Views
  • 3 replies
  • 0 Likes

Certificate Renewal issue

When i renew the self signed certificate i got the error. i have restart the management plane but issue still same.I have all renew from CLI but issue still same. Please suggest me

Joshan_Lakhani_1-1585827448143.png
Joshan_Lakhani_0-1585827329675.png

Resolved! Traffic logs filter on syslog

Hello team, We are sending all the traffic logs to our inhouse syslog servers. So whatever traffic is matching current security policies, all such traffic logs are forwarded to syslog server. Now in those logs, i am seeing everything like Source, Destination, port everything. Now our requirement, we need to send only specific logs to syslog for ...

johnde by L2 Linker
  • 8957 Views
  • 6 replies
  • 0 Likes

GlobalProtect opening Windows VPN settings

My company recently set up GlobalProtect to have us work from home. It works for everyone but myself. When I installed the app, it installed through the Microsoft App Store. When I try to run GlobalProtect, all it does is open a popup window with a link that opens my windows vpn settings. In other words, GlobalProtect doesn't actually run or do ...

globalprotect1.png
Pbourque by L0 Member
  • 4877 Views
  • 3 replies
  • 0 Likes

app-id question you-tube

Hi can somebody tell me the difference between youtube-baseyoutube-streaming will later only ever be there video stream. Looking to add it to GP thanks

Which logs will capture the new VPN admin creation?

Hi Team, We need to capture new VPN administrator creation at our LogRhythm SIEM end. We wanted to know in which log will we get that information. For Example, for login and logout we get logs in the below ones:GlobalProtect gateway user login succeeded.GlobalProtect gateway user logout succeeded. Please help with the log pattern for "new VPN ad...

Global Protect packages Pre-Eval prior to activation.

Is there a support page somewhere where you can obtain the various global protect packages outside of setting up a gateway? I'm looking to see how we could download specific versions to evaluate them before we activate them on the firewall. When I search Palo documentation there isn't a site where you can download those packages.

Resolved! Global Protect Portal/Gateway Public IP Question

Good Afternoon Everyone, This may be somewhere else so if i'm asking something that has already been asked, please point me to it. I am trying to set up a new vpn tunnel on a public IP from my block assigned by my ISP. I only have one interface going straight to my ISP but extra public IPs. how would i go about using the other Public IP and go t...

Problems with GlobalProtect from China?

Hi, we have a user who spends a lot of time in China, but is having major problems getting GlobalProtect working while there. Does anyone else have any experience running GlobalProtect out of China (to Norway, in our case), either positive or negative? We're seeing tunnels sometimes going down for no apparent reasons, "Failed to connect to re...

hklygre by L1 Bithead
  • 19916 Views
  • 6 replies
  • 0 Likes

Resolved! GP Gateway commit error.

Hi,, Even after i configured to "Retrieve Framed-IP-Address attribute from authentication server" Why am i still getting IP pool range commit failure ?? Please find below screenshots. Commit ErrorConfig Setting

error_.png
config_detail.png

Add config to cluster managed by panorama

Hi, we have to add SNMP profile traps config to cluster PA. This cluster is managed by panorama and have the most of the config done in panorama. So we are thinking to add this snmp traps new config directly in the FW, so it would any issue is we apply a commit in the fws for not using panorama? .we are afraid to overwrite panorama config

BigPalo by L4 Transporter
  • 2191 Views
  • 1 replies
  • 0 Likes

cli scripting mode without strict check

Hi, sometimes you have set cli config that you want to paste in CLI mode but in some occasions order of the commands is not correct. For example something like below. For the followingto work address object must be above the group otherwise you will get reference error. In Juniper you can just past them as CLI doesn't do the entire check during...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks