This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Resolved! Certificate for GP Gateway for IOS 13.x

Dear all,was anyone able to generate a certificate satisfying the new requirements from Apple for IOS 13?https://support.apple.com/en-us/HT210176 I have no problems generating the correct Subject Alternative Name extension, but no idea so far how to satisfy:TLS server certificates must contain an ExtendedKeyUsage (EKU) extension containing the i...

Resolved! Is topology like this possible?

Hello!I have an idea for my test lab, in conditions without physical switch and with very limited number of ports. I need my server behind firewall to receive IP from ISP DHCP and also I need my firewall to have an outside L3 interface also receiving IP from that DHCP, and use it to NAT all devices from port 2. It would all be easy with many por...

Multiport hypothesis.png
Netstaff by L1 Bithead
  • 5036 Views
  • 8 replies
  • 0 Likes

Resolved! Cli command to show real time traffic of specific user

Hello All, Is there any way to check how we can identify the user consuming huge bandwidth in real-time. Using Palo alto dashboard we can query the user high bandwidth consumption but it will be after the session is ended. it will not be on real-time.thanks.

Resolved! Iphone globalprotect app 5.1

Is anyone else having issues with the new version? Getting authentication errors. Was working fine before the update. I don't believe anything else has changed. Have a ticket in but was curious if anyone is running 5.1 successfully on an iphone.

Palo Alto Threat Logs

Hello, I've been getting multiple code execute with a content type "Suspicious File Downloading (54469)". I'm not really sure if this is just normal browsing or a directory scan, I can't find any documentations about this content type. May I know what it does or what happens with the traffic?

Resolved! How to output and input the Palo alto security policy to other one PA device?

we have a lot of the same security policy want to transfer to branch office,any method I can output and input the Palo alto security policy to other one PA device? just like cisco swith CLI, maybe "show security policy....." in old one, and "set security policy..." in new one, that will be convenience for setup new one.

Counter for drop packets at the Ingress/interface stage

Is there any specific counter to tell if traffic is being dropped during high-dataplane utilization ~100%.The show counter interface <interface> specifies dropped packets & packets dropped due to flow state checks. but will there be any slighest chance that we are dropping traffic because the chip buffers are under severe load.

Sanssj by L2 Linker
  • 6059 Views
  • 2 replies
  • 0 Likes

Resolved! URL for Bulletproof ISP's EDL ?

I was at the Boston Fuel event, and one of the sessions the presenter said they could give us a URL for the new Bulletproof EDL listing (built-into PAN-OS 9.x). I'm not brave enough the deploy 9.x in Prod, so I was hoping maybe someone had the URL so I can create my own rule blocking these hosting providers that seem to harbor lots of malicious...

Palo alto FW for home/lab

Hello, I would like to ask you regarding PA firewall for Home/Lab. I worked like Network engineer, mostly with Cisco devices in ISP (MPLS, BGP, IPSEC, QinQ), and now I desided to learn new things. Which things I can learn, study with PA200 PAN OS 8.0 without license ? I am trying to find any cheeper devices with licence but it is impossible for...

ZEENMC by L1 Bithead
  • 50798 Views
  • 11 replies
  • 0 Likes

Minemeld Ageout Policys and Withdraw

Hello, Im having several issues and questions about what the best practices would be for surronding ageout policys. Is it better to add an ageout policy to the Miners, Aggregators, or Outputs?If I use the following Ageout policy, if a feed sends an IP right after the age-out occurs, will the first_seen time start over? age_out: default: firs...

DSHDAlex by L0 Member
  • 5390 Views
  • 3 replies
  • 1 Likes

VmWare ESX Firewall License

Hi community, i have a problem with licensing firewall which is on VmWare. When i tried to "deactivate vm" under licensing tab(on firewall), firewall has no longer license but on the website support.paloaltonetworks.com there is still active authcode. And can not add manually a new authcode on firewall. What causes this problem? Can you help me ...

How to store output

Hello Team, I have one txt file in my window machine in which there are 1000 urls example.test.abc.comtest.ftp1.com so if i type this cmd in putty "test.url test.abc.com" i got some output. Please let me know is there any way to save the output of all these 1000 urls like in linux we can use > root/Desktop/test.txt to save the output

dmodi by L2 Linker
  • 6027 Views
  • 7 replies
  • 0 Likes

Cannot connect to GlobalProtect

Hi, Just need bit of a direction on what to check for this issue. Two users can't connect to the globalprotect vpn. One user: Windows 8.1 - can't connect (shows connecting forever) and another one: Windows 10, seems to connect and disconnect straight away. Logs from PANGP shows: 362): InitConnection ...(T8796) 09/06/17 05:49:46:934 Error( 366): ...

Farzana by L4 Transporter
  • 18086 Views
  • 11 replies
  • 0 Likes

proxy_arp_pvlan_feature request

Dear Palo Alto support teamAs I have post my question in the community, I come to conclusion that the Palo Alto firewall does not support the feature explained in the post--https://live.paloaltonetworks.com/t5/General-Topics/proxy-arp-pvlan/m-p/302528#M78834.The design case is used the the private vlan scenario where the upstream router/firewall...

seek_2 by L1 Bithead
  • 3445 Views
  • 1 replies
  • 1 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks