This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4437 Views
  • 0 replies
  • 0 Likes

Alert from AIOPs that one of our Log Collectors has left the Collector Group in Panorama.

Hi I got an alert from AIOPs that one of our Log Collectors has left the Collector Group in Panorama. But after we checked in Panorama both Log Collectors are still in the Collector Group.1. Why does the alert from AIOPs state that one of the Log Collectors is disconnected?2. is it because of configure in a non-redundant mode? if so, this con...

Resolved! Tags for Managed Devices vs. Object Tags

I know how to create and manage Object Tags; under Device Group > Objects > Tags. What I can't seem to find is how to manage the tags that get applied to the managed devices under Panorama > Managed Devices > Summary. I know I'm probably missing something obvious, but a point in the right direction would be helpful.

jwill2 by L2 Linker
  • 1750 Views
  • 1 replies
  • 0 Likes

GlobalProtect license in HA

Hi we bought PAN-PA-1410-GP-HA license an I would like to know what this license for is it for both 2 firewalls in HA actve passive , how to activate it only on active firewall or passive firewall as well

mhmameen by L1 Bithead
  • 1023 Views
  • 2 replies
  • 0 Likes

Prisma - ClipChamp

Hi all, I have an issue where I cannot sign into the ClipChamp application when connected to Global Protect - the web version is fine. Something must be blocking it, but I can't find anything in the logs. I do see some traffic being allowed, but the end session reason is 'policy-deny' - what is this policy!? I'm not entirely sure this is related...

HTTPS Access Issue

I cannot access our Palo Alto device through HTTPS, although I can still access it via SSH without any issues.After investigation, I found that the certificate was expired. Why did it work after restarting management plane from cli prior to changing the expired certificate then ?

T.Galal by L0 Member
  • 756 Views
  • 1 replies
  • 0 Likes

GP issue with IOS device

We are facing issue with connectivity using GP in I Phone devices. We are getting the below error.gateway apple T the network connection is unreachable or the gateway is responsive check the network connection and reconnectWe tried installing new set of certificate with pkcs format on iPhone yet it is not working.We checked the Monitor log where...

Evaluation Licenses

I have Palo-Alto Firewalls and Panorama installed via KVM on eve-ng. I am utilising these systems for exam preparation. I require the eval licenses so I can utilise Panorama correctly. Can someone let me know how I can get the eval licenses without being a partner etc?

Clarification on App Rule - I thought I understood this

I recently moved a firewall into being managed by Panorama. I setup an Application rule specifying the application as PANORAMA which includes the ports necessary (I assumed) for Panorama communications but the firewall could not be added successfully until I allowed port 3978 traffic. The logs showed 3978 being recognized as SSL initially and...

TonyDeHart by L4 Transporter
  • 12010 Views
  • 22 replies
  • 1 Likes

PA-VM MGT not reachable in GCP.

I have PA-VM deployed in GCP with SD-WAN. PA-VM sits behind SD-WAN for intranet traffic.attached image is how my setup looks like . Query. I can't reach firewall mgmt via internal network (access via Public IP to mgt Public works fine) . everything on private interface (Eth1/1) works fine.We have return routing in place for MGT subnet in GCP rou...

Nischal by L2 Linker
  • 1648 Views
  • 3 replies
  • 0 Likes

Resolved! Error in commit after upgrade to 10.1.5-h1

After upgrade from a PA850 from 10.1.5 to 10.1.5-h1 in the end of last week we no longer can commit new configs 😞It gives the following error when we try to commit.Validation Error:rulebase -> security -> rules -> Block xxx -> hip-profiles unexpected hererulebase -> security -> rules is invalidWe've reverted to running config,...

Customer Portal error issue

I need to get licenses from the customer portal page under "Assets". However, I cannot as I keep getting an error on the page and only have "home" and "resources" as options in the left hand menu options. Is there a problem with the portal or is it something else?

cagwyther_0-1738167127357.png

Resolved! Application change port/protocol change request

I am Boundary Technician with the US AF, and currently TBS with a customer who are attempting to est. a tunnel with the following applications: wireguard and zerotier. The tunnels are not coming ups for some reason. Both applications are using the dynamic-udp as a standard port. Question, how to I request a port research / change for the two ...

Upgrading panorama questions

Some real easy questions. We want to upgrade our M-200, so in software platforms, I want the m type, correct? Also, can I safely ignore built in plugins? they don't need to be upgraded separately, correct? thank you

Understanding Syslog: Strata vs Panorama

Hello, I am part of an MSSP, and we ingest data from multiple clients. Some clients forward logs from Panorama, while others use Strata Logging Service. I would like to understand how we can differentiate logs based on their source—whether they were forwarded from Panorama or Strata. Is there a specific identifier or static keyword in the logs...

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks