General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! URL Filtering Rule-Allowed Users to websites stops working for a few seconds.

Hi Guys

I have a problem,i set up URL filtering to block users from certian catogories and linked it to my security rule.-Works great.

Created new URL filter to allow Management to catogories which is blocked,created new Security rule and linked new

...

Commit error profile compiler can not find tid 40006 in threat database

Hi,

We are having issues with commit in the FWs from last Wednesday. The error that we receive is: "Error: Profile compiler : can not find tid 40006 in threat database". The commit finishes correctly, but with the warning of the error.

We have revert

...

NAT + DIPP question

Hi - we have experienced an issue where users in a certain zone were having intermittent problems accessing the internet. We speculated that there could be a NAT issue, and the pool might be full, or translations just werent working. The pool is larg

...

Resolved! Hello from Myky (formerly known as TranceforLife)

Hello All,

Just want to say "Hi". I will be an active member from now on so looking forward to meeting you all here.

Thanks,

Myky

POC in AWS - Palo Alto Active/Active under NLB

Working on a POC.

Have two firewalls sitting under an NLB. One of the firewalls routes traffic to database. This appears to be a limitation on the VPC route tables.

With traffic from App server destined for the DB, it goes through AZA palo alto.

W

...

PXE Boot Not Working

Hello everyone,

I have a new issue where a PA3020 has been placed between Client and Server subnets on the network. Since this install, building new PCs using PXE boot and deploying Applications using Windows SCCM no longer works.

The build starts and

...

Resolved! User ID and LDAP configuration

Hi ,

I am a beginner to PA Networks.

Can anyone please provide any document to configure the LDAP tree structure in WIN 2008 sever AD. So that PA user agent fetches the user - ip mapping information.

Thanks

Auto update of trusted root CA

Hello,

Our PANs are not updating the list of trusted root CA certificates which is causing issues with services such as Microsoft Skype for Business and other applications as we have SSL decryption enabled. Using PAN-OS 8.0.7

For example, Microsoft us

...

Analysis ransomware

Hi,

One of our servers have been infected by any kind of ransomware. We can see several files encripted. So we are seeing any evidence about the infection in the PA. The only trace that we saw in PA is that the infected server sends many dns sessions

...

Resolved! MS Updates blocked

It appears as though all of the sudden ms-upate traffic is being picked up as either session-end reason threat or n/a and updates are failing on my MS servers. Regardless of the server they all seem to be hitting the unidentified default rule at the

...

what does these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?

Hi,

Trying to rule out the a file transfer througputput issue, looking at the interface stats,

1. Is there a technote explain these values mean?

2. What are these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?

Thanks,

E

admin

...

Is there a way to make URL custom allow list take precedence over the block lists

Hi All,

I have an issue where we at times we block whole domains but we sometimes need to allow one sub-domain through. We recently put in the Palo Alto content filter and we have found it behaves very differently to our previous content filter whic

...

Site to Site VPN cannot use any private network range

Hello,
I have to set up a Site-to-Site VPN so our users can access some resources on a clients network. As we had here a lab firewall, another Palo Alto, I set up a test between our production and lab. This worked and I was able to connect. For the ac

...

Resolved! Standard License Expired

My Standard License on PA says it expired, however the description on it is same as the last box which says License am I missing something ?

License

Paloalto PA-820 automatic restart

Dear All

I have a problem, why suddenly our paloalto PA-820 automatic reboot?

This is informations :

Software Version8.1.2

Paloalto suddenly restart own self.

Logging :

1. flow_mgmt: Exited 4 times, must be manually recovered.
2. tasks: Exited 1 times,

...