General Topics
Showing results for 
Search instead for 
Did you mean: 
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
General Topics


Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 


In the past six


jforsythe by Community Team Member
  • 1 replies

Best Solution for New Design


first time for me write in PaloAlto forum I hope to find my answer here.


first, we have purchased PaloAlto 3020, and need the best design for the network securityز


My network content "1" switch L3 and "2" switches L2 


and we have VLANs  for use


MOsama by L1 Bithead
  • 1 replies

(DUP!) when pinging from the firewall

Hi guys,


Strange issue here which I'm hopeing to get resolved.  I was SSH'ed into the our PA VM-100 today and happened to run the command >ping host  This resulted in 100% (DUP!) replies on the ICMP replies.  However, when I specify the sour


Resolved! Panorama configuration logs

When making changes to firewalls through panorama, there is a history of those changes made.  When you go to the dashboard there is a widget that shows the last handful of config changes, so I know they are there.  Where in panorama can I go to view


Resolved! Proxy-ID Error message for GlobalProtect Client

We have configured a GlobalProtect Gateway to service clients using both the GP Agent and X-Auth parameters with 3rd Party Clients.


We have been receiving the following error messages:

'IKE phase-2 negotiation failed when processing proxy ID. cannot f


Suspicious login attempt found on PA.

Hi All,

I have a situation where someone tried to access Palo Alto and failed to login as the authentication was not granted. Any idea where i can go and see what was the source IP and location etc. A bit of forensics.


Any suggestions most welcome.




installing SFP modules on PA-5050

Hi I need to know the correct procedure for installing a 10 G SFP into a PA-5050. 


Can I install while they are on and running? Do I need a reboot?

Do I have to power off and install and power on?


I’ve tried to if an answer in the documentation

fribbl3 by L0 Member
  • 1 replies

Resolved! GlobalProtect behind NAT/PAT Cetificate Issue.



I'm configuring my GlobalProtect VPN and Agent keep saying "CN name mismatch".


Here's my infrastructure : 

The PA220 is behind the NAT of the ISP and all connexions on WAN_IP (that is the public IP) are translated to the address As po


Naelwan by L1 Bithead
  • 3 replies

Resolved! Question on GlobalProtect access route

Hi All,


I've successfully set up globalprotect for my remote users according to this link


I have a new problem. I want some user


Resolved! How many classified website on PAN-DB?

Hi There,


I have a customer RFP requiring that URL filtering product must have more that 50 million clissified webiste on its database. 


Does Palo Alto Networks URL Filtering solution (PAN-DB) have more than 50 Million classified webistes?


Thanks ver


cvieria by L2 Linker
  • 1 replies

Panorama Merge or migration



I do have 2 Panorama running with 7.1.9. 1 running with M100 physical and another one is VM. Both are having different device group , templete and devices.


I am looking for way to migrate all devices from M100 to VM. Is there any easiest/ safe


Resolved! syslog alerting in PAN-OS

There is an option for syslog alerting by email in PAN-OS , but even if used only for threats , not traffic, results in way too many emails. I am collecting threat events through Logstash into time series database InfluxDB . My very small program is


niuk by L3 Networker
  • 3 replies
Top Solution Authors