This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

Persistent issue with APP-ID Reliability

Hello all. I have had an issue with PANOS since 7.0 (Currently I am on 9.0.2-h2) where the application id feature is not reliable in security rules. I can add a rule and for example lets say I allow ssl to 10.1.1.1 from 10.2.1.1 no user restrictions and just add the ssl application and commit. Then I try to access https on 10.1.1.1 from 10.2.1.1...

drops.png

GlobalProtect Clientless VPN inactivity and session lifetime logouts enforcement

Good day, Inactivity and session lifetime forced logouts are not enforcing logouts on open clientless applications. Currently running 8.1.8H5 and have found that clientless application sessions are remaining open even after a forced logout. Going back to portal tile page, requires a login for any new application but all open sessions reamin ope...

rdefeo by L0 Member
  • 3221 Views
  • 1 replies
  • 0 Likes

Global Protect Client on Linux cannot connect to local gpd

Hi, have this problem since a few releases back.Installed latest Globalprotect client for linux, currently 5.0.3. Install ok, runns ok but doesent activate and connect.root@khazad:/home# systemctl status gpd● gpd.service - GlobalProtect VPN client daemonLoaded: loaded (/lib/systemd/system/gpd.service; enabled; vendor preset: enabled)Active: acti...

IKEv2 between PAN-OS 8.1.9HF4 and Cisco IOS routers or ASA devices

I am trying to setup site-2-site VPN between a Cisco router and PaloAlto 820 running 8.1.9HF4. Everything is working fine in IKEv1but it is not working in IKEv2. Look like PaloAlto is not playing nice with Cisco devices. If I replace the PaloAlto with Checkpoint firewall, it works fine with Cisco in IKEv2. I have a ticket open with PaloAlto...

dtran by L4 Transporter
  • 5916 Views
  • 3 replies
  • 0 Likes

Redirect some FQDN to VPN

Hello, It's possible to redirect some domain name (exemple: *.com and *.net) to tunnel VPN ?I think that it's possible by creating address object and use by policy based forwarding for redirection, but I can't use wildcard match all *.com. thanks.

Problem with Response Pages in Internet Explorer

Spoiler (Highlight to read)Hello there,Does anyone else have problems with response pages in IE11?They are working fine with Chrome and Firefox, but are not shown in IE11.Thanks and regardsHello there,Does anyone else have problems with response pages in IE11?They are working fine with Chrome and Firefox, but are not shown in IE11.Thanks and reg...

Master key operations on Panorama HA

Hi, I have a question regarding changing master key for firewalls from Panorama and its consequences. My situation is the following:- Two Panorama servers in HA- Two PAN Firewalls in HA (let's call it as HA cluster 1), already managed by Panorama Seems that I changed the default master key for the firewalls but I don't remember what is the curre...

terminal service agent

Hi All, Hope you all are doing great. I am facing some issues in working with terminal service agent. I will have a small intro on what I am trying to do. As of now, I am in the testing phase for implementing TSA in our environment. For this I am using a server for testing. I installed TSA in thatbserver and called the same in a firewall and the...

Resolved! Custom URL Category issue

Hello, We have followed this guide: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIPCA0 Decrypt portion is working well. However we are finding the custom category and its contents although set to block, are not blocking https unless its in the block override.Example url HTTP results in below block: Correct categori...

Correct.jpg
Incorrect.jpg

Resolved! Traffic between tunnels - need config help

I have two IPSec tunnels configured. Traffic is flowing between a local interface and each of these two tunnels, but I can't seem to get traffic flowing between the two tunnels. I have two sites Site1 and Site2, each with a PA and one external interface. I have a IPSec tunnel between them via the external interface so clients at Site1 can rea...

Paloalto detecting IMEI Number of mobile devices

I've a query regarding Cisco Jabber connection with Palo-Alto. Below are my points. 1. Right now If any of our company user having Cisco Jabber installed in his/her smartphone & having Jabber profile on CUCM, he/she will connect via Internet on jabber. 2. My question is only is it possible in Palo-Alto that we can bind IMEI addresses in Palo...

  • 24340 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks