This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1805 Views
  • 0 replies
  • 0 Likes

Resolved! RADIUS MFA Enrollment Message

I have successfully deployed MFA for my Global Protect users using PingID. Using RADIUS and LDAP I am able to have a user challenged every time they want to fire up the Global Protect gateway. However, this functionality only happens when a user has

...

Resolved! IPS Running Active/Active after reboot.

I upgraded a few pair of IPS/IDS devices last night and ran into an odd issue I haven't seen when upgrading other devices before. They run, typically, in Active/Passive mode, so when I upgrade I suspend one, upgrade, reboot, unsuspend it, and then re

...

Destination NAT with Port Range

Hi !

 

We are trying to configure Destination NAT rule for a VC device on Palo Alto 820 NGFW. we need to allow range of TCP ports(Ex:3000-3050) but we could not find the option to configure the port range under the translated tab. find the below requir

...

Tulasi by L0 Member
  • 5866 Views
  • 1 replies
  • 0 Likes

log to Kiwi Syslog

Hi,

I've configured all the necessary in my PA-500 but I can't view logs Kiwi Syslog v8 in my PC. Is there some special configuration I missed? I've configured the firewall for UDP sessions. I've some DMZ configured, maybe I forgot to open some ports?

s_quasar by L3 Networker
  • 7538 Views
  • 5 replies
  • 0 Likes

Decryption policy and SNI

Hi,

I activated a decyption policy but my site is configured with SNI. If I apply the policy, the other site with the same IP is blocked with error SSL_ERROR_NO_CYPEHR_OVERLAP (this in Firefox). Which is the correct configuration with SNI?

s_quasar by L3 Networker
  • 9854 Views
  • 8 replies
  • 0 Likes

Global Protect says it is updating but it isnt

Using Client version 5.0.1-9. I have set the Portal update settings set to Allow Transparently.

I have downloaded 5.0.5 on the portal and activated it. 

Wait 5 min.. connect with GPClient externally. 

After a few minutues I get a popup "GlobalProtect Ag

...

Andrew.C by L0 Member
  • 6383 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect connection problems

GlobalProtect version 3.1.6-19. 

Windows Server 2012 R2 ver 6.3 (Build 9600)

 

Hi there,

We' ve a server in the remote network that we reach with GP, we regularly (mostly hourly) pull data from that server. There is a windows service that we wrote to do

...

Traffic from GP interface

Hi Team,

 

I am seeing some traffic initiated from GP interface to outside using source port udp/4500 to public IPs of clients( GP uses 4501 and I have xauth configured). Are these traffics are because of GP xauth configuration.. anybody has noticed it

...

Convert active/active to active/standby Firewalls

I have active/active scenario PA-220 FW. FW1 has diffident  config than FW2. I want to make FW1 is the active without loosing any data. 

 

Do I need to erase or do factory reset for FW2 before I sync it from FW1 which is the main configuration that I w

...

SSL Decryption in different countries?

Hello All,

 

Starting to deploy 100+ firewalls worldwide. Have configured SSL decryption for General Browsing rule.

A template has been configured in Panorama, so they all have the exact same setup.

North America and Europe locations I tested are OK. Tri

...

Rievax by L2 Linker
  • 4000 Views
  • 4 replies
  • 0 Likes

Resolved! Can alternate usernames be used for Credential Detection?

We are using Multiple Username Formats under Group Mapping and E-mail address as one of the alternate usernames. Output for CLI command show user user-attributes user all displays e-mail address as Alt Username.
We have also User Credential Detection

...

marroz by L1 Bithead
  • 5343 Views
  • 4 replies
  • 0 Likes
  • 24241 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks