This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4216 Views
  • 0 replies
  • 0 Likes

Unable to delete Certificate

Hi I need to delete a certificate from a PA-3050. The certificate is currently EXPIRED. When I try to delete it it says this message 1- Failed to delete Certificate - MYCOMPANYWildcard 2014-2017-FOR_DELETION. ° MYCOMPANY Wildcard 2014-2017-FOR_DELETION cannot be deleted because of references from: ° ssl-tls-service-profile -> MYCOMPA...

SOC_CSG by L4 Transporter
  • 28274 Views
  • 7 replies
  • 0 Likes

Palo Alto HA in an Azure environment

We have utilised Marketplace in Azure to setup 2 x PAs with the intention of turning on HA.We can not locate configuration information for an Active/Active setup in an Azure environment (seemingly we can locate only Active/Passive setup information). Can someone guide me through active/active setup in azure

Global protect on MAC, with proxy settings

In our company, we do not allow split tunneling and access to Internet(while on VPN) happens via only proxy. We are using on-demand mode. Once MAC users connect to GP,proxy settings apply. Only browser which works in this setup is Mozilla Firefox. Is there a fix for this. ? Has any one run into this issue. This setup worked fine when we were on...

SuryaR by L3 Networker
  • 8533 Views
  • 5 replies
  • 1 Likes

Resolved! weird file in device with TRAPS

Hello,We have devices with TRAPS and we has found files with strange names as !!!!!!!!* and zzzzz*.I we try to modify or execute we get anti-ransomware alert.this files are normal? could be a bug?

Capture.JPG
Marivi by L2 Linker
  • 12007 Views
  • 7 replies
  • 0 Likes

PA-220 DHCP with reservations

I have this weird issue where if my wireless clients lose connectivity to my meraki AP and then have to rejoin after the AP reboots, the DHCP server on the PA-220 stops handing out DNS servers that are inherited from the untrust port. I have all clients on my network as DHCP reservations. After they can't get DNS servers I have to reload the PA-...

Suspicious DNS Domain addition

Hello, is there a way to report suspicious DNS domains to Palo Alto for inclusion on the Palo Alto suspicious DNS query list? we have a domain which various threat intelligence sources report as suspect/risky but it does not appear in the Palo Alto list. i know we could set up a custom list but is there a path we an use to report into Palo Alt...

Need to allow upload files in wetransfer without getting open unnecessary websites

HI Team Our customer has one requirement that need to upload files in Wetransfer application but its also using the web-browsing application to upload the same file. If i allow the Web-browsing application in policy unnecessary websites are getting open. Requirement is specific user uploading files to wetransfer application at the same time they...

new CA Sectigo(formerly Comodo) not trusted

Hello. We are having a minor issues on one of our customer firewalls performing decryption. it seems certain sites. that have a certificate issued by sectigo. chainroot: Sectigointermediate: Sectigo RSA Domain Validation Secure Server CAsite certificate. I believe the root cause of this is the fact that this CA used to be called Comodo( for whic...

PA3020 upgrade failure from 8.0.11-h1 to 8.1.9-h4 - FIPS failure error

We are experiencing an upgrade error/failure when we try to upgrade PA3020 from 8.0.11-h1 to 8.1.9-h4. When our customer tried to upgrade from 8.0.11-h1 to 8.1.9-h4; their PA3020 went to Maintenance Mode after installing and rebooting .The Maintenance Mode simply stated that there is a "FIPS failure". The upgrade steps that we followed are:a) Do...

SSL Certificate for Global Connect

Hi All, I have a users who plan to connect their phones (To use a soft phone app for the PABX) and laptops to the internal network from outside, i have setup the global connect gateway and portal and tried to use self signed cert but it is not working, now i need to use a CA to generate a signed certificate and i have two questions:1. Which CA d...

Resolved! CLI URL filter, change Site Access?

I am trying to determine how to change the Site Access of the new URL categories (cryptocurrency and grayware). By default, they are Allow, and I want them to be Alert. I can do this via CLI w/ the command from config mode below. set shared profiles url-filtering TEST-ONLY-02 alert grayware What I do not understand is that once changed, I can ...

BoDollis by L1 Bithead
  • 3746 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrade to PANOS 7.1

I'm looking at getting a Palo Alto used. A lot of the units are pan os 4, 5 or 6. For a PA-500, for example, can I get a 5.x OS and upgrade it to 7.1? Does this require a support contract to upgrade it?

RustyPA by L1 Bithead
  • 11251 Views
  • 7 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks