General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Template Stacks for HA (Active\Passive)

Looking to deploy template stacks to all of our managed firewalls from our Panorama 8.1.x. I am wondering how to deploy STACKs with values unique to each individual in a HA (active\passive) pair. Some settings would include:

Hostname,

HA configuration

...

Palo Alto 8.0.7 basic ospf configuration not working with aruba switches

Folks,

We have 2 Palo Alto FW and 4 aruba switches in the same area (area 0), we are noticing that the aruba fw is loosing neighbor relationship with the routers every couple of seconds 30-60 seconds. The configuration is very simple, an

...

Adding filter "?v=panosurl" broken access to all websites

Custom URL category is configured to block phishing URLs collected from Linux MineMeld server through EDL. For some reason adding filter "?v=panosurl" (https://10.9.0.60/feeds/phishing-url?v=panosurl) to retrieve URLs in PAN-OS supported format (malw

...

Resolved! PAN-OS Software Release naming?

Just upgraded to PAN-OS 8.1.9 on our PA-500 a few weeks ago. Just saw that 8.1.9-h4 is available now. Wondering what the significance is of the "h" in the name of the release version.

9.0.3 -h3 - Possible bug?

Hi,

anyone had issues after updating to this version?

We had strange behaviour accessing some websites stating that 'File Transfer Blocked' there was nothing showing in the logs.

We rolled back to 9.0.3 and problem went away. Possible bug ?

D.

BPA First Time Configuration Merge with Production configuration

Hi Team, I have completed BPA Day one Configuration and would like to merge those best practice with my Production configuration back. Please suggest the best way to implement. thank you

Global Protect external IP address - Best practice?

Hello,

We are a moderately-sized customer without an assigned sales or engineering resource due to account transitions.

We are in the process of moving to a new ISP and it has been suggested by internal resources, for other reasons, to utilize the s

...

Resolved! False positive threat

Hello,

PA-3020 is falsely identifying some adobe-creative-cloud-base traffic as being a threat. I can't add an exception for this as the log view does not contain a threat ID as it normally would for a threat. All of my dynamic updates are up to da

...

Resolved! debug dataplane for vwire and flow

if we have PA in vwire mode for troubleshooting purposes we can do pcap

Also we can do

debug dataplane packet-diag set log feature flow basic

Other then this can we use any other flow for vwire troubleshooting?

Cisco ASA multi Context migration

I am migrating a configuration over from a Cisco ASA that uses multiple contexts and have several questions about how to replicate that in a PA.

1. The ASA's use port-channel groups and for the internal and external those are shared. On the inside in

...

Resolved! DNS security and cloud lookup

With PAN OS 9.0 Does PA do cloud clookup for everydomain

or

only for domains which are not in DNS sinkhole of Antispyware profile?

I was told DNS security is a part of PAN DB so when clouds verdict is that particular domain is bad hows does this

...

Resolved! Turning Off DNS Lookups When Performing Dataplane Packet Capture?

Is it possible to turn off DNS lookups when performing packet captures on the dataplane?

I was hoping to run some pcaps, without taking up too many unnecessary resources through DNS lookups.

Thanks.

Resolved! Policy rule hit-count data is not stored on the firewall or Panorama

For link below

https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-new-features/management-features/rule-usage-tracking

Policy rule hit-count data is not stored on the firewall or Panorama so after you clear the hit count using the reset option, tha

...

Resolved! commit error

today i got commit error

Client websrvr requesting last config in the middle of a commit/validate. Aborting current commit/validate.

Commit failed

Fix was i just need to run the commit again.

Need to know why this commit error occured?

Setting All traffic of a specifif URL to the primary ISP

Hi Everyone!

How will I set all traffic from https://www.siteground.com/ to my primary ISP? Because Currently we have two isp and running in a balanced round robin. The issue is whenever we go to the website it shows an error "Due to ip changed ins

...

Discussions