This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4223 Views
  • 0 replies
  • 0 Likes

Global protect-DNS

Good afternoon/morning/evening everyone, I have an interesting one:I have a group of offshore developers and I thought about setting up a few access routes, doing split tunneling, however the problem is that my DNS being pushed for the agent is my DNS, so they can reach my DNS records, but when they want to reach sub-domains or domains configure...

TS Agent not working for Windows File Explorer

Hi! We found out, that it is not possible to track the user when he starts a Windows-File-Explorer via Citrix. Source-Port is used from the System-Context and not from the User-Context.This behaivour is confirmed by Palo Alto, and it seems to be similar tohttps://live.paloaltonetworks.com/t5/General-Topics/TS-Agent-no-port-mapping-when-using-win...

EDL list used in policy has no valid entries

Hi Community.I have configured PA to fetch EDL of type IP addresses from EDL link "https://panwdbl.appspot.com/lists/ettor.txt" for blocking tor. I am able to see that the list is getting populated. But occasionally I am getting below warning while committing other configurations,EDL <name> used in policy has no valid entries I am running ...

Resolved! Credential submission detection with SSO

Hi, Anyone knows if Credential submission detection works correctly with users that introduce the credentials via SSO in several webs?the firewall is capable to identify every time the credentials were submitted on a new web via SSO? I didn't find any mention to SSO in Credential submission detection and I have the doubt. Thanks in advance!Alberto

Where do I turn this off?

 Getting a warning every time I hit okay on an interface that I already know has management enabled is irritating. Where do I turn this pointless warning off in the settings?

warning.PNG

Push Public IP's down via Global Protect

I have a possible need to push some of my public IP's down through my Global Protect clients. Meaning an associate at home will hit my public IP via GlobalProtect and not from the Internet side. Can this be done... Or is it a bad idea in Palo Alto Land?

Network slowness after changing the fw

Hi, We have change a PA3020 devices cluster, with a PA3220 cluster. After changing them we are having slowness issues in the network. After doing some troubleshooting we have seen that the issue is with SMB and also with the Internet connection. If we do a failover it seems to work better but it still is slow. The configuration is the same as th...

Connections Per Second Per host?

Has anyone found a way to see a hosts generated connections per second? In other words we want to hone in on a specific host and see the CPS being generated in either a live or post event. All I have found so far is global cps (show session info) Thank you

Cisco ACI plug-in Synchronize Error

We have completed the installation and integration of the Cisco ACI plug-in to our panorama environment. We have found that on 2 of the 3 APIC clusters we are tied into for 3 different fabrics we get the following error on synchronization.'State of ACI fabric is currently changing, unable to retrieve tags. Will try again next iteration." My only...

aci.jpg

snmpd crashing even after manual restart

Hi there, We have 2 PA-3020 in our environment working as active/passive.Recently after upgrading to PanOS9.04, both boxes are presenting issues with the snmp daemon. At first the problem was easily fixed with manual restart of process, and than became a weekly problem, but now the process last a few seconds before crashing. [Last logs before sn...

UNIRIO by L1 Bithead
  • 9830 Views
  • 3 replies
  • 0 Likes

Global Protect Doesn't connect to Portal. It connects to my WIFI instead

I have installed GlobalProtect,Version 5.0.3-29. All my colleagues are able to connect. Here are the steps:1. Install Cert in CertStore.2. Download GlobalProtect agent for 64 bit.3. Now when trying to connect to Portal. It doesn't throw any error but connects directly to my wifi. It displays "Not Connected. You are connected to ''Wifi Name ". Ha...

intermittent dataplane CPU spike

@BPry I am seeing the dataplane cpu spike to over 90% for about 5 minutes and then drop to normal. It comes intermittently with not regularity to when it occurs. I have been doing the show running resource-monitor, show system statistics, and showing the 20 top applications and I can not find it. Any suggestions would be helpful

jdprovine by L4 Transporter
  • 5580 Views
  • 3 replies
  • 0 Likes

Zero Day vulnerability in Google Chrome (CVE-2019-13720, CVE-2019-13721 )

Hi Team, Anyone know which Content Update (released or upcoming) might contain a mitigation for CVE-2019-13720, CVE-2019-13721 Refer the below link for Vulnerability details:https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2019-118/ Best Regards,Sahul Hameed

SahulH by L3 Networker
  • 9386 Views
  • 8 replies
  • 0 Likes

Resolved! Global Protect Feature - Enter client's notes per connection

Hello,We have Global Protect VPN profile that provide access to our environments and I need to let the clients to justify every connection to the VPN.I'd like to know if it is a way to open a text box for every VPN connection to let the client enter his notes and see the connections notes in the PA monitoring section. Appreciate your help... Th...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks