General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

How to configure PAN to allow for SFTP traffic over public ip

Hi ,

How to configure PAN to allow for the SFTP traffic over public ip.

Thanks

KM

Increase Panorama logging

I currently have a virtual Panorama on esxi running version 8.1.x in legacy mode. The VM is configured with a system disk and an additional 500GB disk for logging. The 500GB is proving to be not enough as I'm only able to keep a little of 1 month of

...

Resolved! Allow inbound concetion to multiple servers from single public ip

We have vendor device with public ip in internet.

IT need to talk to multiple servers inside the company network.

all the internal servers have private ip and connection need to come on different port numbers.

Currently I am allowing the incoming con

...

Test vlan network for rsa secureid

Hi all,

I have project where I need to have a test vlan in my pan820 that will intergrate with Secureid authentication manager 8.4, my plan is to have this test vlan separate from the inside network, and also from globalprotect, we will be putting pc

...

Resolved! Global Protect + Captive Portals + Enforce GP for Network Access = Bad User Experience

Hi community

Do you maybe also use Global Protect with the setting "Enforce GlobalProtect for Network Access" enabled? And does this also made you a headache? Even worse do you have https website configured on the client computers as default websites

...

Resolved! How can I run a report to extract users logged in via Global protect last month?

How can I run a report in PaloAlto Firewall to extract users logged in via Global protect last month?

PA-500 5.0.2

Resolved! Connection from outside to Inside Server

We have specific device that has public IP and need to connect to Server inside our network

That server has private IP address and that address is not in any physical interfaces of the firewall.

Need to know how can I allow the connection from this

...

Resolved! docs.paloaltonetworks.com outage?

Can reach the main page, but clicking on any links on that page brings up "Internal Server Error".

HA Configuration Between the Buildings with Dark Fiber availability

Hai Team,

We have two building next to each other and we have dark fiber connectivity between them.

I would like to know how do we configure HA betweeen them. how do i make use of dedicated HA ports.

Firewall models PA-3020 runn ing 8.0.7

Resolved! Out of disk space

Hoping someone can help me. I have a PA-200 which has run out space in the root filesystem.

admin@f-lonftz-pawireless2> show system disk-space

Filesystem Size Used Avail Use% Mounted on
/dev/sda2 1.9G 1.8G 0 100% /
/dev/s

...

Consistent Profile Assignment

Does PA advocate the assignment of Security Policy Profiles (with at least alert actions) to all rules. Is it a best practice?

mac address based firewall policies

Does anyone think of mac address based firewall policies?

Panorama and active/active configurations

Hi,

Recently, we added more PA devices to our infrastructure and we decided to start using Panorma to manage all these devices.

So far, we haven't experienced an improvement in efficiency or user/admin friendliness.

Let me (try to) explain:

We have two

...

Certificate attached to non existant security profile

Hello,

I've encoutered a problem regarding the deletion of a Certificate. When i try to delete it i get the following error message:

1- Failed to delete certificate - xyz xyz cannot be deleted because of references from: ssl-tls-service-profil...

Custom extensions for file blocking

I've got our PA setup to block file types that are risky. But, I've found a problem with Symantec LiveUpdate pulling down the update files it needs. It uses a couple odd file types that aren't in the list as types that I can allow for a profile. I

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

How to configure PAN to allow for SFTP traffic over public ip

Increase Panorama logging

Resolved! Allow inbound concetion to multiple servers from single public ip

Test vlan network for rsa secureid

Resolved! Global Protect + Captive Portals + Enforce GP for Network Access = Bad User Experience

Resolved! How can I run a report to extract users logged in via Global protect last month?

Resolved! Connection from outside to Inside Server

Resolved! docs.paloaltonetworks.com outage?

HA Configuration Between the Buildings with Dark Fiber availability

Resolved! Out of disk space

Consistent Profile Assignment

mac address based firewall policies

Panorama and active/active configurations

Certificate attached to non existant security profile

Custom extensions for file blocking

CVE-2024-3393 - Any tips on using Panorama in CLI mode SET output?

Site to Site VPN

advanced url filtering question

How to install a Cortex XDR agent communicating through the Palo Alto Networks Broker VM?

Are there signature release for following vulnerabilities?

Re: Are there signature release for following vulnerabilities?

Re: OS Upgrade path to 10.2.10-h9

Re: Regarding Security Advisory CVE-2024-3393

Re: Anyone experiencing slow websites with PANOS patched for CVE-2024-0012/CVE-2024-9474?

Re: receive incoming errors / 'rcv_fifo_overrun'

Unlock your full community experience!

Resolved! Allow inbound concetion to multiple servers from single public ip

Resolved! Global Protect + Captive Portals + Enforce GP for Network Access = Bad User Experience

Resolved! How can I run a report to extract users logged in via Global protect last month?

Resolved! Connection from outside to Inside Server

Resolved! docs.paloaltonetworks.com outage?

Resolved! Out of disk space