General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Application vs Service? Specific to traffic being classified as APPs using the same ports

I use both but running into an issue with Lab specific traffic where I will allow a list of applications with service set to ANY but the PAN classifies some 443 traffic as (for example) 'windows push notification' or 'soap' but I am not allowing eith

...

Gateway ssl - The server certificate is invalid

Hi everyone,

I have a connection issue using GlobalProtect.

Could anyone help me?

Thanks a lot

Blocking Google Images

Howdy everyone,

We have a strict internet usage vlan where users can only hit an Approved List of URLs that we manage through Panorama. The issue is that some of these fights reference Google as part of the CDNs so we've had to allow them in to the

...

Email Alert Subject Line.

Hi team,

Is it possible to customise the Email alert subject line ..??

For Example :

Default - Sub: "The VPN XYZ tunnel is down"

Customised - Sub: "The VPN XYZ tunnel is down, Need immediate attention".

Resolved! Palo Alto keep client IP

Hi,

Is possible to keep in Palo Alto the client IP although PA is doing a source NAT to reach internet?. A service in the cloud needs to know the client IP. Something like XFF.

Resolved! Traffic log shows decrypted for blocked traffic

We have not enabled ssl decryption for specific subnets.

When I see the traffic logs I see ssl decrypted is checked and traffic is denied.

I verify that I see decrypted flag for all traffic that is blocked in url category.

Need to know reason for thi

...

Resolved! PanOS version number

Am I correct that the naming scheme is considered Major Version . Feature Release . Maintenance Release - hotfix?

8.1.6-h3

Resolved! Port used by the user id agent to talk to AD server

We have PA user id agent running on the windows server.

Need to confirm Port used by the User id agent to talk to AD for user to ip mappings

is this port tcp 5006?

where should i look for?

Packet Descriptors spike

Hi All,

I've been collecting and plotting CPU, Session, Packets Descriptors, Packets Per Second, as well as some other metrics. Once in a while I see a spike on the Packet Descriptor graph.

According to KB article How to Interpret: show running resourc

...

Resolved! 5220 data plane cpu utilization in GUI

Need to know on PA 5220 when we see DP utilization in GUI does it mean that it is average CPU of all the cores?

Resolved! PA-220 Issues with Routing between LANs (Layer 3)

Hello everyone!

I am brand new to Palo Altos and firewalls in general, so I'm sure I have made a couple obvious mistakes, but hope to learn. I have inherited a PA-220 that is now needed to be put in place between us and other connections (no interne

...

Reasons for Connections going to ssl decryption exclusion list

Need to know PA which reasons it consider to put session in ssl decryption exclusion list?

one I know is client cert authentication and cert pinning.

also if ssl handshake does not complete will PA put connection in exclusion list?

Feature Request : GlobalProtect Disable uninstall of agent from workstation

We need the ablity to disable the uninstall of the GlobalProtect agent from our corp laptops. As it is now our users can and will uninstall it.

Traps has this ablity but I cannot seem to find anywhere to secure GlobalProtect

GlobalProtect - How Are you Using?

We have had our Palo 3020 along with GlobalProtect for about a year now, and we continue to struggle with all sorts of GP issues. I'm curious to know how are you all using GlobalProtect?

One Issue - Our strategy was to use GlobalProtect as an Always-

...

Resolved! new panorama vesion 8 legacy adding disk

Hi,

newly deployed ESXi vm panorama 8.0.2

By default free space is 11gb this is ok.

Then trying to add a new disk for exmpla 150gb.

This is working with version 7.1 new panorama.

Can we also make this work with new deployed 8.0.x panorama (legacy mode)

...

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Application vs Service? Specific to traffic being classified as APPs using the same ports

Gateway ssl - The server certificate is invalid

Blocking Google Images

Email Alert Subject Line.

Resolved! Palo Alto keep client IP

Resolved! Traffic log shows decrypted for blocked traffic

Resolved! PanOS version number

Resolved! Port used by the user id agent to talk to AD server

Packet Descriptors spike

Resolved! 5220 data plane cpu utilization in GUI

Resolved! PA-220 Issues with Routing between LANs (Layer 3)

Reasons for Connections going to ssl decryption exclusion list

Feature Request : GlobalProtect Disable uninstall of agent from workstation

GlobalProtect - How Are you Using?

Resolved! new panorama vesion 8 legacy adding disk

CLI - Basic to Advance PAN-OS 11.1

log forwarding to syslog | drops and queue

Combining IP and URL EDL on Rules

Manufacturing Number on a SPF LX module

Better solution for remote access

Re: flow_tcp_non_syn_drop - packet capture on this counter?

UserID periodic empty groups issue

Re: CLI - Basic to Advance PAN-OS 11.1

Re: SAML Authentication Profile not popuating IdP Server Profiles

Re: Upgrade PAN OS from 10.1 to 11.1

Unlock your full community experience!

Resolved! Application vs Service? Specific to traffic being classified as APPs using the same ports

Resolved! Palo Alto keep client IP

Resolved! Traffic log shows decrypted for blocked traffic

Resolved! PanOS version number

Resolved! Port used by the user id agent to talk to AD server

Resolved! 5220 data plane cpu utilization in GUI

Resolved! PA-220 Issues with Routing between LANs (Layer 3)

Resolved! new panorama vesion 8 legacy adding disk