This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! GP- AD auth and SMS through ext radius

Hi all , Has anyone accomplished to authenticate external users 1st with AD through LDAP profile and then SMS through radius to another server ? I guess 1st authentication will done in the portal and SMS auth profile can be added on the gateway ?

Resolved! Custom URL category not matching in security policy

On my PA 9.1.0 firewall, Ive created a custom URL category 'Akamai' with a url list comprising *.deploy.static.akamaitechnologies.comIn my security policy i have a rule allowing any source (trust zone) to reach any destination (untrust zone) via any protocol and any application. The rule specifies 'Akamai' under the Services/URL category. log an...

PA-200 with 4G LTE modem

I've got a PA-200 at home with a Huawei B525-23a router set to "bridge mode" with an EE data sim installed (no broadband where I live) The outside interface is set to DHCP and gets an IP address but no clients on the inside can resolve DNS. I can see the logs showing that DNS requests have 'aged-out' but think that's expected for UDP DNS queries...

Pcap VPN SSL

Hi, Is there any way to take a pcap in plain text about a VPN-SSL connection?

BigPalo by L4 Transporter
  • 3245 Views
  • 3 replies
  • 0 Likes

Total internet Bandwidth

I went to see total internet bandwidth. I have already apply QOS. But I went to see on 3rd party tool. Suggest how can i achieve this requirement.

Connection error 10022

Have yet to see an answer to the 10022 error message. Here is my log. Can anyone help. I have contacted support staff at UW Madison and they sent something to paloalto. I thought I might get a quick response from this group. I may be working from home soon. (T8800) 03/14/20 22:19:52:716 Info ( 246): InitWinConnection ...(T8800) 03/14/20 22:19:5...

Pan GlobalProtect Driver installation failed with error=4 /Windows 10 with GlobalProtect 5.0.5-28

Simply trying to re-install the GlobalProtect version above. The .msi runs to completion and indicates a successful install, but it's not functioning afterward. The message in the title is from the PanGPS.log. We've been through several iterations of de-install, reboots, registry cleans, etc. Yes, we have administrative rights. No joy after...

RandlHam by L0 Member
  • 14059 Views
  • 1 replies
  • 0 Likes

Resolved! GP on PA-500 how many users?

My customer has a PA-3020 setup for GP. Now they want their branch PA-500 enabled for GP as well, so users can connect direct for access to the branch resources. I cannot find any spec's about the usage limit for GP on a PA-500.Anyone has a ballpark what to expect? 20, 50 or 100 users? Thanks all!

CHKlomp by L2 Linker
  • 3336 Views
  • 1 replies
  • 0 Likes

Resolved! DHCP relay for L2 switches

I am working on a network segmentation project for our organization. We currently run Cisco switches and all devices reside on the default VLAN, VLAN 1. All routing is currently done on our PA-850. On the PA-850, I have configured the new VLAN's as sub-interfaces and all switches for layer 2. If I put a PC on any VLAN and set a static IP address...

Global Protect Pre-login issue with Microsoft Windows PKI generated machine cert

Hi, We are trying to setup always on + Pre-Login with Machine cert which generated by Microsoft PKI and distributed by GPO when user turned on the machine . Then, when user login to the machine, it will use windows logon with SSO. Like this KB. https://docs.paloaltonetworks.com/globalprotect/9-0/globalprotect-admin/globalprotect-quick-configs/r...

Panorama Managed Devices names missing in HA peer, and show as disconnected when they're not!

Hi, I'm using Panorama 8.1.13 to manage 60 or so firewalls. Mostly PA-220s with a few PA-5220. These firewalls are in a number of templated device groups. Both Panoramas are M100 appliances. The Managed Devices are correct on the primary Pano. The Device Names and Serial Numbers are correct, and they are in the correct device groups.My problem i...

Global Protect Info

Hi, We have two GP gateways configured in our PA. We realised that the passive PA unit, we can see "remote users" connected. Why is this? It shouldnt be asumme all GP user sessions in the active unit? On the another hand, what is the OID (SNMP) to get tha value total users connected per GW? is that possible?

BigPalo by L4 Transporter
  • 2482 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect IP pool exhaustion / overflow to secondary IP pool?

We have 2 IP pools configured for each GlobalProtect gateway to help with IP conflicts. If the first IP pool is exhausted, will the secondary IP pool continue to distribute IP addresses? Due to the recent influx of remote users, I want to make sure we have enough IPs to hand out for the GP clients connecting. If not, I need to increase the prima...

IPsec VPN tunnel cant ping eachother

Hi there, I cant figure it out why tunnel interface cant ping each other even site to site VPN is up and running fine. Is there anything I am missing here?? I have setup multiple site to site VPN with all other vendor and its just works fine. This is to Palo to Palo.i did test vpn ike-sa and ipsec-sa multiple time but still no luck Thanks in adv...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks