This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Nonsense configuration changes from "preview changes"

Hello everybody, from time to time, whenever I commit small changes to my PAN firewalls, if I click on the "Preview changes" button I see (beside my changes) a list of items and configuration partials that are moved around, ie custom report configurations deleted from the top of the config and then added again in a lower portion of the config ...

grenzi by L3 Networker
  • 4228 Views
  • 2 replies
  • 0 Likes

Global Protect user id and machines

Hi , Is there anywhere that I can restrict that client vpn user "BOB "using the global protect that can connect only once and not many times the same time from different systems like I have users connecting from the mobiles , tablet and computer the same time ? I would like to have that user can connect 2 times the same time from different devices.

App-id Matching Process

I'm running PA-VM and created with one active rule: From: InsideTo: OutsideApplication: Web Basic Application group (ssl,dns,web-browsing,ping)Service: application-defaultAction: AllowSSL Decryption is disabled I'm facing issues browsing to websites with preconfigured App-ids:Not working:linkedin/soundcloud/batte.net/docs.google.com(any other ...

PA-Rules.png
linkedin-server-certificate.png
zizo94 by L0 Member
  • 5569 Views
  • 2 replies
  • 0 Likes

SLL Forward Decryption and Spotify

Hi All, Today I decided to implement SLL Forward decryption. Everything is working great except for one thing, Spotify. I know what you'll say, "You allow spotify?. Yes, but just for me. With decryption disabled spotify works fine, with it enabled it just skips through all the song in my playlist. Any idea what could be causing this?

Adding sub interface to existing interface

We are currently using our 3260 firewall to handle BGP to our MPLS router.the connection is trunked through our core switch, Native 200, allowed 200 & 255 (mgt & bgp respectively)Router 1:G0/1 10.200.254.3 (mgt)G0/1.255 10.255.255.129/30Firewall:E4 10.255.255.130/30 Untagged We are adding a second MPLS router for redundancy, Router 2: G...

Resolved! Disable Server Response Inspection for our SMTP server?

We are having horrible delays with email taking up to 30 minutes to be delivered. Our email servers send mail to a 3rd party email security provider. So, I disabled DSRI from our SMTP server to their SMTP server. Email speed was back to being delivered in seconds. I wanted to have someone else confirm that my thinking is correct on this that it ...

abrrymn by L0 Member
  • 8435 Views
  • 4 replies
  • 0 Likes

How to update the BGP Imports in a Panorama template

I am trying to update the Import values in the BGP parameters in the Virtual Router in a template on a Panorama. My command looks like this: set template Test-Template config network virtual-router default protocol bgp policy import rules Route-IN-MPLS match address-prefix 0.0.0.0/0 exact yes I get a message like this:Server error : Test-Templat...

firebase-cloud-messaging app-id additional ports may be required

Hey there, Here's something that was brought up by one of our teams. According to this kb article cloud messaging also needs these ports.https://firebase.google.com/docs/cloud-messaging/concept-options#ports_and_your_firewall I was able to find logs related to this where the application was identified as google-base or unknown-tcp and denied. An...

icozma by L0 Member
  • 3691 Views
  • 1 replies
  • 0 Likes

How to change from category insufficient-content to Private IP address?

Hi Teams,How to change some intranet website from category insufficient-content to Private IP address?i already use portal to request change.but, when i choose category Private IP address, this category is disable and can't be click.i believe we already use this intranet website long time ago.last time categorized as Private IP address, but just...

Panorama 8.0.2 - Buggy???

We have multiple models of FW hardware running primarliy 7.1.9 and it seems like since upgrading to Panorama 8.0.2 from Panorama 7.1.9 that it is almost painful to make changes. It seems everytime we push to devices something fails. Today specifically we push some changes and it says "failed" look in the log and it says synchonization failed but...

Wald by L2 Linker
  • 2718 Views
  • 1 replies
  • 0 Likes

Shared Objects in Panorama

Is there a concept of shared objects at multiple levels in Panorama ? For example, I can have a top level setting at the shared level which says password length is 15 characters and I want that to go to all firewalls. What I need, is a second shared level beneath that (like at the template stack level) that says anything in "This template stac...

Cisco WLC integration problem with PA.

I have Cisco WLC 5508 , kiwi syslogd and PA.I can see snmp traps in Syslogd but only username is visible , ip address of the client is missing.Can anybody help how to parse it in Palo alto Firewall. Regards,

IPSec VPN with cert authentication: RSA_verify failed

Hello community! Created a VPN Palo Alto - Cisco Asa with certificates for Ikev2 gateway authentication. Cannot establish the VPN. Did a debug and get the following error when the palo alto is trying to validate the ASA´s certificate [PERR]: RSA_verify failed: 1099255804384:error:04091064:rsa routines:INT_RSA_VERIFY:algorithm mismatch:rsa_sign.c...

Carracido by L4 Transporter
  • 7479 Views
  • 3 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks