General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Palo Alto Networks Approved

Community Expert Verified

Resolved! Howto delete sub-interace from cli

Hi,

I`m trying to delete a sub-interface from CLI but cant seem to find the correct command, i managed to remove the IP address and tag but not the entire sub-interface.

admin@PA-200# delete network interface ethernet ethernet1/4 layer3 units ethernet1

...

CPSP Program Member Confirmation

Hello,

I am both domain administrator and super user in paloalto. And, we are partner. I need to get Micro-Credential for Cloud Security Consultant (PMCC). It needs "CPSP Program Member Confirmation". And, I send request and it says, "Activity req

...

Threat Prevention - Qualys PCI

Hi all, I have a bit of a dilema here and hoping somebody may have some ideas....

We have threat prevention profiles applied to security policies relating to traffic entering our DMZ from the internet.
We have PCI obligations and use Qualys' PCI scann

...

Resolved! Expand Log Storage Capacity on the Panorama Virtual Appliance

Hi everyone,

I'm using Panorama 8.0.5 in Legacy mode on ESXi 6.0, I've 2 virtual disks:

virtual disk 1: 52GB for system

virtual disk 2: 500GB for logging storage.

Now, I want to expand the size of logging storage up to 2TB. So can I just chan

...

Palo Alto's preferred version 10.2 having significant issues

Hi All,

10.1 is going to be EOL in Dec-2024 and if we plan to upgrade on palo alto preferred ver 10.2 then There is a risk that the firewalls may experience significant issues ("popcorn effect"), potentially causing major disruptions to business op

...

Resolved! GP - Connect with SSL Only

I am running panorama 11.1.3 and using prisma access (Mobile_User_Template). I have read that there is a Connect with SSL Only option but I can not find this. I'm looking in Portal->Agent->App.

What am I missing?

Here is every setting I have past

...

THREAT ALERT : high : 169.254.254.238 -> 169.254.255.255 Microsoft Windows NAT Helper DNS Query Denial of Service(31339) alert

Hello Team,

We got the below threat alert from the panorama and not able to understand the most of the part , like source and Destination . Both IP looks the outside my network but still its showing the rule: Outbound_Default_URL_IPS . One of my outbo

...

Resolved! Access limited to tenant

Hi,

Is it possible to define user profiles or roles on Cortex XDR so that, for example, on the same tenant:
- when a user/admin with role X logs in, he/she can only see Workstations
- when a user/admin with role Y logs in, he/she can only see Servers.

I

...

Traffic log source user different from User-ID log

Hi everyone,

Greetings!

PA-1410
11.0.4-h1

I have a bit odd issue, the traffic log (ip address) is showing a local firewall account as the source user but when checking the user-mapping (show user ip-user-mapping ip) or User-ID log was mapped to an AD-us

...

Assistance with URL Filtering

Having some issues getting URL filtering to work as I would expect. Have a valid license, created a URL filter profile blocking some categories. Created and SSL decryption policy as well and applied it to a test users. Games is one of the categori

...

Palo Alto Networks Approved

Query regarding counters and debug data-plane pow performance output

Hi Folks,

One of our customer is facing CPU utilization of around 50 to 65 percent during the production hours.

The firewall model is PA-3220 and the PAN-OS version is 10.1.5.

Checked the session utilization, Packet buffer and descriptor all is

...

Unable to see IPSEC tunnel IP in trace

Unable to see IPSEC tunnel IP in trace.

IPsec tunnels have tunnel interface where the IP is configured.

Peer1 - PA

Host 1 - behind PA

Peer2 - Other vendor

Host 2 - behind Peer2

Host 2 trace to HOst1 , can see Ipsec tunnel IPs in trace,

when

...

Community Expert Verified

Resolved! PA-460 Upgrading from 10.2.3-h9 to 11.2.0

Hi Guys!

I was in my way to upgrade my PA-460 from the version 10.2.3-h9 to 11.2.0, i tried to use the Validate button, to take a look at the upgrade path, but i can't see any result, but i still have my doubts,

I saw that in the Documentation s

...

Resolved! Wildfire Analysis Reports - Cannot View from Panorama or NGFW (detailed log view) but available in Wildfire Dashboard wildfire.paloaltonetworks.com

Monitor > Wildfire Submissions - Detailed Log View

Fetching WildFire server wildfire.paloaltonetworks.com:443 report failed!
Please examine service route, proxy setting, and secure connection client setting.

The reporting firewalls are regi

...

Single vpc with Igw, alb, gwlb and Apache servers. Not working

I followed the directions to a T. Ingress route on Igw, pointing towards the subnets defined in alb. Gwlbe subnet with default route to igw, default route on alb subnet to gwlbe, app subnet with default route to gwlbe. end points defined, gwlb with h

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free