This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Hardening Guide for PAN NGFW and Global Protect

For compliance reasons, specifically StateRAMP (and likely FedRAMP in the distant future), I'm looking for any hardening guides or STIG for the PAN NG-FW and Global Protect or even general best practices. I feel odd asking for "security hardening" for a security solution, but I'm just making sure all bases are covered. I've found a couple t...

malmgren by L0 Member
  • 2461 Views
  • 1 replies
  • 0 Likes

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries. You'll find this new area under the Articles section of the main menu: Our goal is simple: provide clear, comprehensive resources that address your most frequent issues. Using data-driven ...

kiwi_0-1719493645523.png
kiwi by Community Team Member
  • 2875 Views
  • 2 replies
  • 1 Likes

Firmware upgrade ver from 10.2.10 to 11.1.x.

Hi Support,Our organization is in the process of upgrading the firmware of Palo Alto 460. We are now on 10.1.10. We would like to upgrade to 11.1.x. I would like to know which is the recommended version. There is always a dilemma of which version is the best and have minimum vulnerabilities. By reading various documents it is more confusing to u...

how to uninstall global protect when it keeps reinstalling even after i uninstall it (i have admin)

Hi there, Ive tried to uninstall gp from my computer, however, it keeps reinstalling. I have tried deleting all files related to gp (e.g appdata gp files and gp program files). ive also tried this method (link is below) but it doesnt work as it keeps reinstalling. Does anyone know how to uninstall it permanantly? https://knowledgebase.paloal...

Mulit-Vsys setup with Wildfire

Hi Friends, We are planning for a multi-vsys PA setup, where one vsys will have only L3/L4 policies and second vsys will be in L2 bridge mode with Threat prevention features only. Vsys1 will only scan L3/L3 policies while vsys2 will scan traffic for any threats. We believe this is logically possible solution, need some clarity on integrating W...

Site blocking under music category

Hi Team, One Visa processing URL blocking under Music category in my firewall. I ready added the this site into allowed list. But still blocking under music category. How to allow this URL make acces withough enable music category.

IPsec tunnels to multiple peers with overlapping remote networks

Say I have site-to-site IPsec tunnels from my Palo to 2 different peers. How do I handle the case when the 2 peers have the same or overlapping networks? Do I ask one of the peers if they can NAT their network to something that doesn't conflict with my other peer? What if neither peer is able to NAT?  

ipsec_overlapping_remote_networks.png

GP Always on VPN - Except if on internal LAN?

Is there a way to implement this? I have seen the internal host detection option but as far as I can see that is only to choose whether you connect to an internal or external gateway.I want all remote site users to go through the Palo Alto, but I can achieve that by routing alone. I dont see what I would be achieving by forcing vpn while on inte...

welly_59 by L3 Networker
  • 4223 Views
  • 3 replies
  • 0 Likes

GlobalProtect Always On Issue

I am currently testing GlobalProtect Always on, I have configured to operate at user logon. The issue I am having is that on start-up of my laptop, on my corporate network I am prevented from any network access. If I connect to my public WIFI and connect GlobalProtect and can access my network ok. Reverting back to my corporate network and it th...

rossm by L1 Bithead
  • 5909 Views
  • 8 replies
  • 0 Likes

how to add certificate global protect for ipad

Hi everyone,"I'm stuck at step 7 (7- Settings > Profile downloaded >"Im stuck in" Install > Enter phone Passcode > Install > Install > Install >Done),When I install the certificate, it shows a notification that it cannot be verified "not verified' When setting it up, there is an additional message: 'The authenticity of "myna...

HAINVH by L1 Bithead
  • 1668 Views
  • 4 replies
  • 0 Likes

License Usage AuthCode

Hi there We are trying to track license usage as shown here: https://docs.paloaltonetworks.com/vm-series/11-0/vm-series-deployment/license-the-vm-series-firewall/vm-series-models/licensing-api/use-the-licensing-api/track-license-usage For the call to work, auth code is required. Calling the "devices" endpoint does not include this particular...

Resolved! Site to Site VPN

Quick question on setting a site to site vpn, using tunnel mode. If I have a site "A" peer going and connecting with a site "B" peer for a VPN, can both sites have the same IP address subnet, or will that conflict? Scenario: Site A: 192.168.20.5/24 (Local LAN) Site B: 192.168.20.88/24 (Local LAN) Would a NAT be required within the Palo ...

GlobalProtect Android version 13 issue

Global Protect login continues to fail on Version 13 Android. It seems to have been caused by Android security enhancement issues. created it with SHA 384 but I can't log in. "The network connection is unreachable or the portal is unresponsive, Check the network connection and reconnect" There is no problem with global protect c...

qmso475_0-1701243435266.png
qmso475_1-1701243590189.png
qmso475_2-1701244110530.png
qmso475 by L3 Networker
  • 4920 Views
  • 11 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks