General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

ECCN for PA-5410

Hi

Can you help me with US ECCN for PA-5410 please?

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

AI-ops BPA is not giving correct results after techsupport file analysis

Hi,

After my Palo account manager encouraged me to use the AI-Ops page, I uploaded the most recent techsupport file and carried out an on-demand BPA.

Some of the findings / recommendations are already done within our box. For eg: it says to ensure t

...

User-ID Self-Signed Certificate expire with local users

Hello,

I have an important question regarding User-ID Self-Signed Certificate expires on 18 NOV 2024

https://live.paloaltonetworks.com/t5/customer-advisories/update-to-additional-pan-os-certificate-expirations-and-new/ta-p/572158

What I understoo

...

reconnaissance protection alert search

We have alerts set up but I need to search for the alerts but what is the search string

Clean Firewall Policies

Hello all,

I am thinking of how can i clean/organize my firewall policies. Many rules seem to be mixed up within each other. Do you have any suggestions to make it more appealing to the eye? How should I organize my rules?

A question about PAN-240612

Hi,

I have a question about PAN-240612.

=====

Fixed a kernel panic caused by a third-party issue

=====

What feature does this issue relate to?

And what exactly is “third-party”?

BR

Resolved! How to configure gre over ipsec？

Hello

For example, some implementations require multicast traffic to be encapsulated before IPSec encrypts it. If this is a requirement for your environment and the GRE tunnel and IPSec tunnel share the same IP address, Add GRE Encapsulation when yo

...

Palo Alto Academies

Good Afternoon,

How do you apply for the academies listed in the early careers section of the main website?

Resolved! Perimeter FW in A/P HA directly connected to Palo Alto vwire in A/A HA

the basic topology is:

Internet FW are non-palo alto in HA A/P directly connected (no switch in between) to a pair of Palo Alto in A/A HA -in Vwire mode (no Layer 3 on the Palo Alto but in transparent-zone)

then Palo Altos in A/A HA are connected to

...

x-forwarded-for IP not appear in traffic log

Hello everyone,

I have enable x-forwarded-for in PA.

When I look at the pcap from PA, I see the ip address

but from monitor log traffic, collum x-forwarded-for ip is empty

Please your help.

Thank you

pa-410 lost monitor log function and ACC function

I have a PA410. After upgrading the software recently, I found that the original monitoring log has reduced a lot of functions, and even the ACC function has been lost.

I checked the website information and found that this function was cancelled after

...

Resolved! Telemetry error - CDL Receiver Key Empty

Hi All,

We have a client who all of a sudden started to receive the following telemetry error - 'CDL Receiver Key Empty' on PA-440. No changes have been made. Currently running PAN OS 10.1.2. They are not using CDL and are just sending Telemetry dat

...

Resolved! UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

I have a fairly simple network setup in my LAB

Management Interface 192.168.1.1 /24

LAN Interface 192.168.100.1/24

DESKTOP IP 192.168.100.100

I have allowed all the Internal Subnet on the Management interface which is 192.168.100.0 /24 in permitted l

...

Resolved! Failover IPSEC tunnels with tunnel monitor keeps both tunnels active

We have just configured 2 IPSEC tunnels with a remote palo. Both sides have 2 IPSEC tunnels with tunnel monitor and DPD configured. For some odd reason, the when the primary tunnel is active and has active routes going to it, the secondary tunnel s

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

ECCN for PA-5410

Ensuring a Safe and Secure Community: How You Can Help

AI-ops BPA is not giving correct results after techsupport file analysis

User-ID Self-Signed Certificate expire with local users

reconnaissance protection alert search

Clean Firewall Policies

A question about PAN-240612

Resolved! How to configure gre over ipsec？

Palo Alto Academies

Resolved! Perimeter FW in A/P HA directly connected to Palo Alto vwire in A/A HA

x-forwarded-for IP not appear in traffic log

pa-410 lost monitor log function and ACC function

Resolved! Telemetry error - CDL Receiver Key Empty

Resolved! UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Resolved! Failover IPSEC tunnels with tunnel monitor keeps both tunnels active

WTH is process 'touch' and hwy is it showing zombie?

Add Virus exception

Migrate model FW to virtualwith panorama for policies (recommended procedure)

Newly Registered Domains configuration

Panorama 11.1.8 supports Azure VM series Palo Altos

Re: Virus/Win32.WGeneric.esuykr(752144200) via filename=msvcp140_2_app.dll

Re: Excel downloads being blocked

Re: Panorama 11.1.8 supports Azure VM series Palo Altos

Re: Newly Registered Domains configuration

Re: Changes to sinkhole?

Unlock your full community experience!

Resolved! How to configure gre over ipsec？

Resolved! Perimeter FW in A/P HA directly connected to Palo Alto vwire in A/A HA

Resolved! Telemetry error - CDL Receiver Key Empty

Resolved! UNABLE TO PING MANAGEMENT INTERFACE FROM LAN

Resolved! Failover IPSEC tunnels with tunnel monitor keeps both tunnels active