General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Global Protect Feature - Enter client's notes per connection

Hello,

We have Global Protect VPN profile that provide access to our environments and I need to let the clients to justify every connection to the VPN.

I'd like to know if it is a way to open a text box for every VPN connection to let the client enter

...

Content and Antivirus updates failing

Anybody else encountering this issue in the last days?

Content and antivirus updates are failing with "Failed to download due to generic communication error. Please try again later."

The internet access itself is OK. The issue seems to be on the Palo A

...

Resolved! HA between two different Palo Alto Networks devices

Hello,

Can I set up a HA between PA-500 and PA-220?

I searched a response to my question in the PA documentations but I found that it is required to have two same model of Palo Alto Networks:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?i

...

Traffic Shaping requirement

Our customer wants to shape the traffic to 40 mbps user.

I can see they have a QOS rule for all Traffic, class 4 is in use, does it mean the current shaping is 400 mbps?

Is it per client or overall? How do we achieve customer request (traffic shaping

...

Resolved! Having trouble passing traffic from one VPN through to another

Hi all,

Here's what I'm trying to do - I have a PA firewall with two VPNs - let's call them A and B. I'm trying to work out how to get traffic from site A to route through to site B, but it's eluding me - the site B tunnel doesn't come up.

I have tun

...

Globalprotect Block sessions if the certificate was not issued to the authenticating device

Hello,
My organization is testing out GlobalProtect for Linux and we've quickly realized that the certificates we deploy through SCEP (MS NDES, Certmonger) can be utilized on other systems than whom they were intended for. This opens up for users with

...

Order of entries in the session browser or show session all command

Can anyone explain what order the session are in when viewing sessions in either the session browser or using the show session all command. For me, it is not obvious. Am I missing something?

Multiple URL Global Protect Multiple FQDN

We would like to use multiple URL's to access our Palo with Multiple LDAP authentication.

portal.company1.com

LDAP1

portal.company2.com

LDAP2

portal.company3.com

LDAP3

We could also do like

C1.company.com

LDAP1

C2company.com

LDAP2

C3company.com

LDAP3

Can a

...

GlobalProtect - Windows 10 - Client Won't display

I have a fresh install of Windows 10. When I right click on the GlobalProtect icon in the tray no menu ever shows up. I see the GlobalProtect icon in the taskbar but any click on it will make icon dissappear. Any ideas or workarounds?

I have re-in

...

Can't receive Multicast traffic from un-trust zone to trust zone

Dears,

We should receive a multicast traffic from a third party router that are connected to our un-trust zone.

This multicast should be received on a server that are connected to LAN environment (trust zone)

Firewall is PA-820 and OS is 9.0.4

We tried

...

GlobalPotect initial login

I have deployed the GlobalProtect Always-On VPN via the MSI.exe, where the external gateway is specified. The GP client installs fine on the Windows endpoints.

The remote user logs into the Win 10 endpoint with their Windows domain credentials as no

...

Resolved! PA5050 | PSU | two failed power supplies

Hi All,

We have a dead PA5050 device due to double failure of PSU.
One day failed first power supply and PA5050 worked fine on remaining only. A day after failed second power supply and PA5050 died.
As soon as our support contract ended we can not ask

...

Different log retention periods

Hi,

for privacy reasons our customer has different log retention periods. He want's to delete all personally identifiable traffic log for traffic from internal to external to delete after 7 days. Also traffic logs for blocked traffic from externel to

...

Resolved! No Objects after successful Fortinet import in Palo Alto Expedition

After 'successfully' importing a FortiGate configuration file into Palo Alto Expedition, I do not see any Address Objects or Security Rules. I do see the Interfaces and Security Zones.

The FortiGate configuration file was exported using FortiiManager

...

Resolved! Global Protect 8.1 - HIP Profile doesn't work - No logs, No HIP profile found from CLI, No Matches

I have Global Protect VPN configured and everything is working, but the moment I apply a HIP-Profile to my security rule (for my VPN Users), they immediately do not match my VPN security rule. I get no HIP logs, I cannot find any hip profiles. I conf

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! Global Protect Feature - Enter client's notes per connection

Content and Antivirus updates failing

Resolved! HA between two different Palo Alto Networks devices

Traffic Shaping requirement

Resolved! Having trouble passing traffic from one VPN through to another

Globalprotect Block sessions if the certificate was not issued to the authenticating device

Order of entries in the session browser or show session all command

Multiple URL Global Protect Multiple FQDN

GlobalProtect - Windows 10 - Client Won't display

Can't receive Multicast traffic from un-trust zone to trust zone

GlobalPotect initial login

Resolved! PA5050 | PSU | two failed power supplies

Different log retention periods

Resolved! No Objects after successful Fortinet import in Palo Alto Expedition

Resolved! Global Protect 8.1 - HIP Profile doesn't work - No logs, No HIP profile found from CLI, No Matches

Client-to-Site IKEv2 IPSec without GlobalProtect

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Global Protect Feature - Enter client's notes per connection

Resolved! HA between two different Palo Alto Networks devices

Resolved! Having trouble passing traffic from one VPN through to another

Resolved! PA5050 | PSU | two failed power supplies

Resolved! No Objects after successful Fortinet import in Palo Alto Expedition

Resolved! Global Protect 8.1 - HIP Profile doesn't work - No logs, No HIP profile found from CLI, No Matches