This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Content and Antivirus updates failing

Anybody else encountering this issue in the last days?Content and antivirus updates are failing with "Failed to download due to generic communication error. Please try again later."The internet access itself is OK. The issue seems to be on the Palo Alto Networks side.

Anon1 by L4 Transporter
  • 8806 Views
  • 6 replies
  • 0 Likes

Resolved! HA between two different Palo Alto Networks devices

Hello,Can I set up a HA between PA-500 and PA-220?I searched a response to my question in the PA documentations but I found that it is required to have two same model of Palo Alto Networks:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClrsCACCan you please confirm this answer to my question ?Thank you in advance.Best ...

ra7oub4 by L2 Linker
  • 3811 Views
  • 1 replies
  • 0 Likes

Traffic Shaping requirement

Our customer wants to shape the traffic to 40 mbps user. I can see they have a QOS rule for all Traffic, class 4 is in use, does it mean the current shaping is 400 mbps? Is it per client or overall? How do we achieve customer request (traffic shaping per user)?

Class.png

Resolved! Having trouble passing traffic from one VPN through to another

Hi all, Here's what I'm trying to do - I have a PA firewall with two VPNs - let's call them A and B. I'm trying to work out how to get traffic from site A to route through to site B, but it's eluding me - the site B tunnel doesn't come up. I have tunnel.198 to Site A with a route passing 192.168.24.0/21 traffic to that tunnel, and tunnel.300 wit...

CoreHR by L1 Bithead
  • 3302 Views
  • 2 replies
  • 0 Likes

Globalprotect Block sessions if the certificate was not issued to the authenticating device

Hello,My organization is testing out GlobalProtect for Linux and we've quickly realized that the certificates we deploy through SCEP (MS NDES, Certmonger) can be utilized on other systems than whom they were intended for. This opens up for users with root access (dev's) to set up a non company owned/managed devices with GlobalProtect and this pr...

Tony-Le by L0 Member
  • 5606 Views
  • 2 replies
  • 0 Likes

Multiple URL Global Protect Multiple FQDN

We would like to use multiple URL's to access our Palo with Multiple LDAP authentication. portal.company1.com LDAP1 portal.company2.comLDAP2 portal.company3.comLDAP3 We could also do like C1.company.comLDAP1C2company.comLDAP2C3company.comLDAP3 Can anybody guide me to a solution so far support has not been super helpfull. Another is portal.comp...

GlobalProtect - Windows 10 - Client Won't display

I have a fresh install of Windows 10. When I right click on the GlobalProtect icon in the tray no menu ever shows up. I see the GlobalProtect icon in the taskbar but any click on it will make icon dissappear. Any ideas or workarounds? I have re-installed the client at least 5 times now and restarted my PC several times. Same behavior every t...

egv12wQ

Can't receive Multicast traffic from un-trust zone to trust zone

Dears,We should receive a multicast traffic from a third party router that are connected to our un-trust zone.This multicast should be received on a server that are connected to LAN environment (trust zone)Firewall is PA-820 and OS is 9.0.4 We tried to allow multicast and PIM/IGMP on both interfaces but no hope. Multicast is not passing the fire...

Ammar by L2 Linker
  • 3286 Views
  • 3 replies
  • 0 Likes

GlobalPotect initial login

I have deployed the GlobalProtect Always-On VPN via the MSI.exe, where the external gateway is specified. The GP client installs fine on the Windows endpoints. The remote user logs into the Win 10 endpoint with their Windows domain credentials as normal. As they have never connected via the GP client before, they are prompted to enter their Wind...

rchung54 by L2 Linker
  • 3393 Views
  • 3 replies
  • 0 Likes

Resolved! PA5050 | PSU | two failed power supplies

Hi All,We have a dead PA5050 device due to double failure of PSU.One day failed first power supply and PA5050 worked fine on remaining only. A day after failed second power supply and PA5050 died.As soon as our support contract ended we can not ask support team directly neither we can not open the case.Could it be that somebody know how to repa...

pa5050PSU.jpg
IHEP by L1 Bithead
  • 6227 Views
  • 5 replies
  • 0 Likes

Different log retention periods

Hi, for privacy reasons our customer has different log retention periods. He want's to delete all personally identifiable traffic log for traffic from internal to external to delete after 7 days. Also traffic logs for blocked traffic from externel to internal should be deleted after 7 days. Traffic logs for allowed traffic from externel should n...

Resolved! No Objects after successful Fortinet import in Palo Alto Expedition

After 'successfully' importing a FortiGate configuration file into Palo Alto Expedition, I do not see any Address Objects or Security Rules. I do see the Interfaces and Security Zones. The FortiGate configuration file was exported using FortiiManager v6.0.7. The FortiGate is running firmware 6.0.6 in HA Mode Active-Passive. My Expedition version...

Resolved! Global Protect 8.1 - HIP Profile doesn't work - No logs, No HIP profile found from CLI, No Matches

I have Global Protect VPN configured and everything is working, but the moment I apply a HIP-Profile to my security rule (for my VPN Users), they immediately do not match my VPN security rule. I get no HIP logs, I cannot find any hip profiles. I configured a HIP Profile, to match any Windows operating system, so I kept it simple. I can remove th...

MS Outlook 2010 not conecting to the server, when connected via GlobalProtect Always-On VPN

Hi, I have GP Always-On VPN configured and my test Windows 10 machine connects to the gateway and accesses internal LAN resources fine. MS Outlook 2010 doesn't seem to connect when I am connected via the GP client. Outlook just keeps saying 'Trying to connect to server'. On one occasion, the MS Outlook prompt did appear for me to enter my passwo...

rchung54 by L2 Linker
  • 12363 Views
  • 11 replies
  • 1 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks