General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Global Protect with multiple portals and gateways.

I have a working portal and gateway on PA3020 running 8.0.12.

I want to setup another portal and geteway and repliciate all the settings.

Second GP will be used for testing purposes.

Only changes would be to use another public ip ,create another tunnel

...

Resolved! Is there any command to modify tls response version for ssl decryption forward proxy

When a client's browser disabled TLS1.0 and connect to a website which is only support TLS1.0.

Is there any way to let PA firewall response TLS1.0 to user?

Because before we replaced our customer's firewall, their firewall was CheckPoint CP5800.

In sa

...

OVA file

pa-vm-esx-8.0.ova

I need to download the OVA file for training purposes. How do I go about getting a file?

I have various response pages configured to allow the user to click and send an email when hitting a blocked site. The URL one works fine - user clicks continue, new email pops up with the following placed in the email : URL and user name.

For F

...

Url blocking

Hi guys,

surely a stupid question, but cannot find out.

PA (a 5060 couple), as seen in the screenshot, allows the connection but blocks the corrispective URL.

How can I allow the URL too?

Thanks

Resolved! difference between restart process and restart core process

1> debug software restart process
authd authentication process
configd configd process
logd logd process
management-server Management server process
mdb Mongo DB
ntp Restart and re-synchronize NTP service
reportd reportd process
snmpd snmp process
user-id Use

...

Configure VPN from Android Phone to Access VPN

Hello All,

I am trying to configure my android phone to connect to palo alto vpn. I use IPSEC Xauth PSK as Type and the IPSEC identifier do i need to put the Group Name and Group password from X-auth support.

Can someone confirm me this.

No sound/video MS Teams while using minemeld to pull Microsoft IP's

Hi,

When we start a teams meeting we have no sound or video, one to one call works!

We use minemeld with palo alto to get list of allowed microsoft IP's.

But we see requests to the following microsoft IP's that are not in this list:

51.144.76.36

...

Resolved! API + (new) zones

Hey all,

i have started to work with the API and Postman lately in order help with making the setup process of new boxes a little easier & faster. While I have been able to get most of the basics done (Management IP, DNS, NTP, etc.) I am now struggli

...

Setting up Palo FW in vwire mode between router and switch.

We currently have a Cisco switch and router with in our environment. The router does inter-VLAN routing for traffic coming from VLAN's (about 6) on switch; typically as in a ROAS setup. So the switch is L2 and router is L3.

Looking for a away to plac

...

GlobalProtect Configuration Opinions

Greetings!

Just to be upfront, I have my configuration working for the most part but I'm interested to hear if there's not a better/safer/quicker way of bending GlobalProtect to my needs. Please feel free to chime in with ideas, opinions or suggestio

...

Resolved! System log - Name resolution takes too logn,...

Hi all,

do you know Name resolution takes too long, diskable name for Risky Users in system log ?

This log appears every day at 2:05 am.

Thanks.

Resolved! How to add domain security group superuser access

Hello,

I would like to add a domain security group superuser access to Panorama and devices. So any users in the below groups access to both panorama and firewall’s.

Superusers - CN=PA Superusers,OU=Global Groups,OU=Ad Australia,DC=ad,DC=com,DC=au

...

Problems with routing two different LANs in the same interface

I have this scenario:

My PA-200 have 2 interfaces: one connected to the Internet Zone, another to the LAN Zone. The LAN interface has 192.168.1.1/24 as its IP address. I have another LAN connected through a router with 192.168.1.254 IP address.

...

Resolved! How does PAN OS 8.0.14 supports TLS1.3?

I am told to upgrade PA to 8.0.14 if we are using the ssl decryption.

Curious to know what feature is inside the PAN OS 8.0.14 that supports TLS1.3?

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Global Protect with multiple portals and gateways.

Resolved! Is there any command to modify tls response version for ssl decryption forward proxy

OVA file

File Blocking - No URL?

Url blocking

Resolved! difference between restart process and restart core process

Configure VPN from Android Phone to Access VPN

No sound/video MS Teams while using minemeld to pull Microsoft IP's

Resolved! API + (new) zones

Setting up Palo FW in vwire mode between router and switch.

GlobalProtect Configuration Opinions

Resolved! System log - Name resolution takes too logn,...

Resolved! How to add domain security group superuser access

Problems with routing two different LANs in the same interface

Resolved! How does PAN OS 8.0.14 supports TLS1.3?

No "certificate used by" field when generating certs for SSL forward trust and untrust?

A question about snat address pool couse a route loop

How do I get the documentation / training for creating advanced XQL queries

panorama disk health

Recommend os version

Re: Exclude only communications on specific port numbers from Global Protect

Re: Software NGFW Credits

Re: Advanced DNS Security vs DNS Security License

Re: Replacing HA Hardware

Re: About API keys when using the curl command

Unlock your full community experience!

Resolved! Global Protect with multiple portals and gateways.

Resolved! Is there any command to modify tls response version for ssl decryption forward proxy

Resolved! difference between restart process and restart core process

Resolved! API + (new) zones

Resolved! System log - Name resolution takes too logn,...

Resolved! How to add domain security group superuser access

Resolved! How does PAN OS 8.0.14 supports TLS1.3?