General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 14501 Views
  • 1 replies
  • 4 Likes

Failed to renew device certificate

Hi

 

the device certificate is going to expire end of march.

My PA trys to renew it and comes up with the following error:

Failed to renew device certificate.Failed to send request to CSP server.Error: No OCSP response received(dest => 35.238.43.180)

 

I h

...

kbe by L3 Networker
  • 4198 Views
  • 7 replies
  • 0 Likes

Gp version 5.2.10 upgradation issue

In global protect portal  App>> Transparently setting we have done. but after this setting Global protect client version not updated automatically now 15 days passed .is there any issue in 5.2.10 version of Global Protect.   

SurajN by L2 Linker
  • 328 Views
  • 0 replies
  • 0 Likes

flow_fpga_ingress_exception_err and high latency

Recently deployed several PA-5250s Running 10.1.3 and there is a issue that randomly comes and goes.

Latency for traffic going through the firewalls spikes to 100-500ms. I was able to capture one thing that looked peculiar and that was flow_fpga_ingre

...

category malware with action allowed

Hi,

we use Splunk.

 

We tried following searchstring: http_category=malware | timechart count BY vendor_action

 

We find out that we get back action allowed with category malware.

Is there a failure in the search? The action in our URL security profi

...

VM series log not detected in Azure Sentinel

Here’s the problem statement:

 

1] If Syslog UDP 514 is configured in PAN FW on-prem and vm-series, There were missing logs in AZ Sentinel, Incomplete logs is experienced and there were packets fragmentation.

2] MS Sentinel support recommended to change

...

Resolved! Allow single user to bypass MFA

Hi All,

 

I would like to access Global Protect for myself using different profile to access one of our resources subnet 10.21.xx.xx.

 

I want to access without having to go through 2FA. Any idea for it? is it possible?

 

Do we need to create another gatew

...

Clientless VPN question

Hi All,

 

I have a query for Clientless VPN. I have a working solution which is suitable for a normal user. Unfortunately I seem to have abnormal users (don't we all really) who are complaining that there are too many log ons. They have to log on to Cl

...

a.jones by L3 Networker
  • 533 Views
  • 2 replies
  • 0 Likes

Using minemeld to whitelist Oracle Cloud IP ranges?

I currently use minemeld to whitelist the list of O365 IP ranges etc, but I have not been able to find a miner for the Oracle Cloud.

 

Oracle publishes a JSON file with the relevant IPs (https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json)

...

user-id-agent unexpected here

Hello, 

 

i just update pan os from 9.1.6 to 10. 

And on one of the firewall i get error:

..........
Validation Error:
user-id-agent unexpected here
vsys is invalid
[edit]

 

Could you please advice were can be the problem.

Thank you!

stef by L2 Linker
  • 1883 Views
  • 3 replies
  • 0 Likes

Resolved! SSL Decryption for IoT devices

I am rolling out SSL Decryption for the wired subnets at my office. It's working great for the users since their laptops and devices are on the domain and trust our private CA which is used as the forward-trust cert. I'm running into issues with othe

...

Top Liked Authors