This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Global protect new features suddenly showing up on portal app config

I am pretty sure they were not there before on the same version of GP that I am running on . I see option "Allow user to sign out from Global Protect APP" and "User Single Sign-on(macOS)". I do not see any documentation about those. I tried to activate those options and they do not seem like working . Can anyone please advise ? Please find the s...

GlobalProtect_SSO.JPG
Nvempati by L1 Bithead
  • 5488 Views
  • 4 replies
  • 0 Likes

Resolved! Disabling Graceful restart for OSPF

Hi team, When performing a failover in our office we completely lose connectivity in or out. When troubleshooting we noticed we could not see the OSPF peer on the router or firewall. Looking through the system logs I notice:routed-OSPF-stopped-graceful-restart description: OSPF stopped graceful restart. Protocol: OSPFv2. Exit reason: time outthe...

ACTICE/PASSIVE CONFIG SYNC PROBLEM( Running cofiguration not synchronize)

Hello All, The firewalls are configured in high availability (A/P) but the running configuration is not synchronized. I have already tried to restarting management server of both firewall as well I tried to sync manually but getting below error:- After that, I have tried to sync from CLI mode by this command:- request high-availability sync-to...

run-confi.PNG
run-confi.2.png

Panorama OVA download

Hi guys, I hope yus can help me out. I'll be deploying Panorama in ESXi server, where can I download the OVA file? I know this is a very stupid question. I'm following the steps below, but I can't find it under my profile. https://docs.paloaltonetworks.com/panorama/8-1/panorama-admin/set-up-panorama/set-up-the-panorama-virtual-appliance/instal...

WRibeiro by L1 Bithead
  • 32657 Views
  • 7 replies
  • 2 Likes

Resolved! Crazy Q... Minemeld on raspberry pi?

Has anyone been brave or bored enough to try to run MineMeld on a pi? I just tried it on Ubuntu 16, Ubuntu 18, Debian 9, CentOS7 and was unable to get any of them to succesfully install. It seems to get close on Ubuntu 16 and 18 but after getting past 3 nasty red errors during the ansible playbook process I was roadblocked at a 4th one that stum...

hshawn by L4 Transporter
  • 7592 Views
  • 2 replies
  • 1 Likes

Resolved! Problem with GUI and WildFire

Hi Everyone,I have a problem with my PA-200 device, when the device turns on the status LED is still orange and I can't log in through the GUI interface due to "Error in parsing xml response". I found the following solutions:https://live.paloaltonetworks.com/t5/General-Topics/Error-in-parsing-xml-response/td-p/97750https://knowledgebase.paloalto...

Areczki by L1 Bithead
  • 6574 Views
  • 4 replies
  • 0 Likes

Captive Portal not working for Untrust to Trust connection

I've a requirement to validate users from Internet (untrust) when connecting to Internal (trust) network. I followed all steps marked in Admin guide and elsewhere for setting up captive portal, but somehow it is not working. Just to be sure i followed same steps for Trust to Untrust and it is working as expected. So i'm perplexed if this is poss...

sbaghel by L1 Bithead
  • 7005 Views
  • 6 replies
  • 0 Likes

Resolved! PA 5520 to PA 5220 Cluster migration

Hi, I want to migrate one PA Cluster from 5020 7.1.16 to 5220 8.1.8. Could you please help me with the steps to follow for this migration and is there a document available? ThanksJP

ICMP Timestamps

Hi,Can anyone please tell me if there is a way to stop my PA from responding to ICMP type 13 and 14 timestamp requests/replies?Cheers

tezza by L2 Linker
  • 18155 Views
  • 8 replies
  • 0 Likes

File is being blocked

There is a file that is being blocked with an extension of .ATB.ZIP is there anyway to allow this file to be downloaded instead of being blocked by the rule. I am guessing this is a predefined rule in the Palo Alto because all other .zip files are allowed. Should I inform the company to change the name of the file so that it is allowed to be dow...

Resolved! ipsec debugging

Hi I have a ipsec tunnel with a vendor - they use cisco on their end.I have been advise IKE and ESP lifespan is 8 hours ... 28800 sec But what I have noticed is if I set it to this around 6 hours in traffic stops passing.I have to restart the tunnel - via the gui to bring it back. I have tried setting lifespan to 6 hours on my side , but i get a...

Resolved! Troubleshoot Drop Counters

Hi Community, I got a question:During a project migration, we noticed asymmetric routing and had to disable the protection in Zone Protection profiles.While doing the tasks for aftermath, I wanted to analyze the problem and had a look at the global counters.There are a few drop counters I want to analyze deeper, so:How can I match specific sessi...

Chacko42 by L4 Transporter
  • 3948 Views
  • 2 replies
  • 0 Likes

SSl decryption-Failing android apps

All, I had enabled ssl decryption and no issues with desktops. But, Android phones have issues with apps like youtube,DUO etc but can browse through chrome.I assume this is because of certificate pinning that these apps use. Please correct me if I am wrong and also is there any way to resolve this besides excluding the URL or IPs?

Resolved! Aboute ACE exam and about the trainings!

Guys, I wanna to take an ACE exam and should to attand to the training courses. i've been told to attaend to the firewall configuration essentials Firewall Configuration Essentials 101 PAN-OS v.6.0 RevC training course, but i noticed also the follwoing training course Firewall Configuration Essentials 105 for PAN-OS 6.0 RevB. Does anybody know t...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks