General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Palo Alto VM firewall registration

Dear All,

I am a beginner to this platform and I successfully dowmnload a copy of PAN-VM-7.0.1.ova from the internet to start hands-on practice. I am trying to register the VM firewall to the Palo alto support website for more features and trial lice

...

User ID firewall having an empty status column for the server monitoring

Hello,

We are using PAN-OS 8.0.6-h3. Our User ID firewall is showing an empty status column for the server monitoring.

> show user group list

Server error : op command for client useridd timed out as client is not available

^^This was encountered whi

...

HA on aggregated interface

We don't have a qsfp module yet for our core switchse yet, so i am trying to use regular 10G interfaces in aggregate ethernet type HA.

But neither Panorama nor the firewall iself seems to give the option for aggreagate interface in the dropdown of HA2

...

Resolved! How to ignore BFD traffic passing thru on virtual wire?

I have a virtual wire configuration, on an active-passive firewall cluster, where I am running a routing protocol through the virtual wire, with BFD (Bi-Directional Forwarding detection) attached to that routing protocol. In the virtual wire mode, th

...

How to utilize VM-Information source

All,

I'm attempting to alleviate some of the day-to-day operations that we do, and found that VM-information sources might be useful. I've got a test environment that can talk to a test vCenter and pull the attirbutes, but I'm not able to get the tag

...

Active/Active ECMP

I have two Palo Alto 5250s running in my core network as a core firewall for all campus and datacetner traffic. They are running active/active. I have layer 3 routing south bound to two cat9500s not in VSS. So I am running HSRP on each 9500 alternati

...

Application Filters and dependencies - General Internet Use

Hi

I've been following the instructions here: https://live.paloaltonetworks.com/t5/Blogs/What-are-the-recommended-applications-for-internet-access/ba-p/153835, on setting up applications filter for controlling internet access. I've configured the app

...

SSL Inbound Inspection

Hi Team

Kindly help with below query.

We approx host 100 websites of our partners. All websites are on SSL (https).

I want to configure SSL Inbound Inspection. As per my understanding, I need to import SSL certificate of 100 websites for SSL inbound

...

How to upgrade a virtual panorama server from 7.1.16 to 9.x

Hi,

I would like to upgrade a virtual panorama server from 7.1.16 to 9.x which has all Firewall logs and ACC reports. I read about log migration and Panorama mode change should also be part of this upgrade. I have never done a similar kind of upgrade

...

Resolved! Query on Master key

Hello,

We had to factory reset our standalone unit after the master key expired.

Is Master key necessary for the PA? Looks like after factory reset there is no master key anymore. Thanks.

Resolved! Template variable setting of None a best practice?

At ignite someone was talking about using template variables and making sure that their values are set to "none" as default as a best practice, and then overriding on the panorama managed firewall (by local - I mean under Panorama/summary/managed de

...

Resolved! unable to download vmware_nsx from support site

Hello,

I've been struggling for some time now to upgrade Panorama from version 8.0.14 with NSX plugin (build_in) configured to 8.1.9.

I'm getting this error:

In version 8.0 you dont have the option to check now to be able to upgrade the VMWare_Nsx plug

...

Palo Alto Active/Passive > eBGP to ISP > VLANs for ToR switches (Juniper)

Up top, have an eBGP peering with ISP.

Trusted Zone > L2 Links down to Nexus > then Juniper ToR switches aggregating servers

The firewall will perform L3 and contain the VLANs.

How would you go about the connections from Palo > Nexus > Juniper

Resolved! External Dynamic List: add manual entries?

I'm using MineMeld to scrape Microsoft's website to grab the list of Office 365 related URLs and IP addresses. We've noticed that this feeds in *.outlook.com, but not outlook.com. This results in the common Office 365 Outlook Web App URL https://ou

...

Resolved! Recommended Firmeware for Ger Tunnel 9.0.* ?

One of our Client want to use GER tunnel . Can any tell me what is the recommended verision bug free 9.0.* ? We should upgrade to use the GER Tunnel ?

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Palo Alto VM firewall registration

User ID firewall having an empty status column for the server monitoring

HA on aggregated interface

Resolved! How to ignore BFD traffic passing thru on virtual wire?

How to utilize VM-Information source

Active/Active ECMP

Application Filters and dependencies - General Internet Use

SSL Inbound Inspection

How to upgrade a virtual panorama server from 7.1.16 to 9.x

Resolved! Query on Master key

Resolved! Template variable setting of None a best practice?

Resolved! unable to download vmware_nsx from support site

Palo Alto Active/Passive > eBGP to ISP > VLANs for ToR switches (Juniper)

Resolved! External Dynamic List: add manual entries?

Resolved! Recommended Firmeware for Ger Tunnel 9.0.* ?

SSO Activation

No valid AceMlc2 config: SC 1 (AceMlc2): Config not valid

How to request a URL filtering change to High-Risk?

Management Interface Settings - Can't Change?

Log Container Page Only - impact?

Re: New periodic alert: Configuration size 19MB is above 80% of the maximum recommended configuration size 23MB for the platform.

Support Portal is down.

Re: sorting question

Re: How to add palo to multiple device groups

Error while logging into PaloAlto Support Website

Unlock your full community experience!

Resolved! How to ignore BFD traffic passing thru on virtual wire?

Resolved! Query on Master key

Resolved! Template variable setting of None a best practice?

Resolved! unable to download vmware_nsx from support site

Resolved! External Dynamic List: add manual entries?

Resolved! Recommended Firmeware for Ger Tunnel 9.0.* ?