General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 1, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! PAN-OS Version Numbering

I saw a strange PAN-OS version on the support site software updates and wanted to know what this version is. What does the "h2" designation mean?

8.1.6-h2

New to Palo Alto from Juniper SSG

I was wondering if someone could enlighten me on how to replicate the Mapped IP functionality from Juniper SSG to Palo Alto.

We have a number of services on our current Juniper SSG. The way we firewall these services is using MIP's on the Untrust Zon

...

Resolved! PA support SVTI

Hi @reaper

Do palo alto support SVTI like Cisco.

SVTI configurations can be used for site-to-site connectivity in which a tunnel provides always-on access between two sites. The advantage of using SVTIs as opposed to crypto map configurations is that

...

Resolved! Mac OSX HIP check based on processes

I've recently turned on HIP profiles for our windows users, checking to see if our patch management and AV is running by looking at processes. I need to do the same thing for some of our Mac users, but I'm striking out. What is the best way to veri

...

Antivirus/Anti-Spyware Response Page not working

Hey Community!

I noticed that our Firewall (PA-3020, PAN-OS 7.1.6) does not serve an Antivirus/Anti-Spyware block page.

When I use http://www.eicar.org/85-0-Download.html to test it, I can see that it is blocked.

ThreatLog shows action "reset-both" but

...

Resolved! 8.1.5 BGP question

Hi

I have some inserted routes into my BGP for redistribution.

firstly I have a NAT address associated with a loopback. I had a redis rule saying connected and added in the interface.

That didn't add the ip address into the BGP tables, tried just the

...

Support for eliptic curve x25519 for inbound SSL decryption?

On PAN-OS 8.1.2 I'm getting decrypt-errors when decrypting inbound traffic. I ran a test using SSLabs.com, and I found that newer browsers are requesting x25519 and getting a handshake error. It's showing that only secp256r1 are secp384r1 are support

...

How to configure PAN to allow for SFTP traffic over public ip

Hi ,

How to configure PAN to allow for the SFTP traffic over public ip.

Thanks

KM

Increase Panorama logging

I currently have a virtual Panorama on esxi running version 8.1.x in legacy mode. The VM is configured with a system disk and an additional 500GB disk for logging. The 500GB is proving to be not enough as I'm only able to keep a little of 1 month of

...

Resolved! Allow inbound concetion to multiple servers from single public ip

We have vendor device with public ip in internet.

IT need to talk to multiple servers inside the company network.

all the internal servers have private ip and connection need to come on different port numbers.

Currently I am allowing the incoming con

...

Test vlan network for rsa secureid

Hi all,

I have project where I need to have a test vlan in my pan820 that will intergrate with Secureid authentication manager 8.4, my plan is to have this test vlan separate from the inside network, and also from globalprotect, we will be putting pc

...

Resolved! Global Protect + Captive Portals + Enforce GP for Network Access = Bad User Experience

Hi community

Do you maybe also use Global Protect with the setting "Enforce GlobalProtect for Network Access" enabled? And does this also made you a headache? Even worse do you have https website configured on the client computers as default websites

...

Resolved! How can I run a report to extract users logged in via Global protect last month?

How can I run a report in PaloAlto Firewall to extract users logged in via Global protect last month?

PA-500 5.0.2

Resolved! Connection from outside to Inside Server

We have specific device that has public IP and need to connect to Server inside our network

That server has private IP address and that address is not in any physical interfaces of the firewall.

Need to know how can I allow the connection from this

...

Resolved! docs.paloaltonetworks.com outage?

Can reach the main page, but clicking on any links on that page brings up "Internal Server Error".

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 1, 2025