General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! IPsec question

Hello

I have many IPsec connectios on my PA. But their are 2 that both use 192.168.100.x

Now IPsec A is policy based. So I have configured the proxy ID's. All working fine. Now I have narrowed the routes down to the 2 host I require. Which are 192.168....

Resolved! Issue with setting QoS egress value with API

For scripting purpose I need to be able to set egress-max values in QoS with the API.

First I created a QoS profile, TRUST-QOS, and set the egress-max to 20

In powershell, I have the following:

$paURL = "https://" + $PAIP + "//api/?key=" + $apiKey +...

Global Protect on Chrome OS forget and reset portal.

I keep having to click forget on the chromebook globalprotect client and re add the portal to get it to connect to the VPN on the PA firewall. This happens daily to many of the Chrome OS devices.

Also the + button to add a second portal does not work.

...

Resolved! internal routing being blocked

I'm having an issues with some internal routing I have two virtual router that have statics routes for an internal phone network on a different router in my trusted zone I can ping from computers in my lan but when i try and access any websites or ma

...

Panorama - dynamic updates not working

Software Version 8.0.9

Application Version 8024-474

Panorama VM is not receiving dynamic updates. I have checked traffic is allowed and also license is not expired.

On manual check it is getting this error.

Also tried updating by directly uploading t

...

Bug fix

Do I have to go to 7.1.7 to fix this bug, since it is addressed as the fix for this bug or will a newer version fix it like 7.1.18 or 7.1.19 still fix it even if it is not listed in the list of fixes? You would think that the newer version more even

...

Resolved! SSL decryption troubleshooting - decrypt-cert-validation

I have been working with SSL decryption over 4 month on testing team.

Most of the traffic is OK but I see some of the traffic are being Aged-Out and some and decrypt-cert-validation as the session end reason.

Tried to do packet capture without seeing

...

Resolved! QoS and SSL decryption questions.

Seems some of our customers are trying to slow down youtube, facebook etc. without SSL decryption.

The confusing part is in the logs these show up as youtube-base, facebook-base etc but only sometimes and then other times they show up as SSL.

So is u

...

1Gbps support for PA-500

Hello,

We decided to upgrade our internet line to 1Gbps from current 100Mbps and now we are using PA-500.

As PA-500's Threat prevention throughput is 100Mbps, does it mean we only have 100Mbps（transmission speed） even the PA-500's interface capacity

...

IPSec VPN from PA to Edge gateway

Is it possible to an IPSec VPN connection from a PA 5050 to t Edge gateway appliance and if so how is it done

Authentication via LDAP server not sending complete DN name

Hi Team,

I have configured LDAP server profile and confirmed the condition of reading group via Group mapping it works.

When I try to test the LDAP username through authentication profile it succeed upto LDAP authentication but after it is sending DN

...

Problem with MS Exchange 2016

hello

we have EXCHANGE server at TRUST zone.When we try to make SSL inbound inspection to this server active sync does not work and even when we try to open OWA via browser we get an error

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Is there any idea where can

...

Resolved! Replacing office 365 from XML and RSS with Restful API

Hi all,

In view of the changes Microsoft is going to make in future as describe in the following link, would the current miner for O365 still works?

https://support.office.com/en-gb/article/managing-office-365-endpoints-99cab9d4-ef59-4207-9f2b-3

...

Yahoo Mail Client

We recently started experiencing a problem with Yahoo app on Android devices or the Yahoo client from receiving email through our PA's. Has anyone experienced a similar problem?

Thanks in advance.

Resolved! routing problems between wans and lan

I recently inherited a Palo Alto PA-3020 in a place i've been working and I'm wondering if anyone would be able to help me out on a config error i've been having I'm trying to get a setup like in the visio diagram below but there seems to be some rou

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! IPsec question

Resolved! Issue with setting QoS egress value with API

Global Protect on Chrome OS forget and reset portal.

Resolved! internal routing being blocked

Panorama - dynamic updates not working

Bug fix

Resolved! SSL decryption troubleshooting - decrypt-cert-validation

Resolved! QoS and SSL decryption questions.

1Gbps support for PA-500

IPSec VPN from PA to Edge gateway

Authentication via LDAP server not sending complete DN name

Problem with MS Exchange 2016

Resolved! Replacing office 365 from XML and RSS with Restful API

Yahoo Mail Client

Resolved! routing problems between wans and lan

On premise RSA MFA setup.

No ping reply via Palo to Palo S2S

PA not be able to access internet

SSO Palo Alto Support Portal

IPv6 on public interface

SYSTEM ALERT : medium : MLAV: Unknown error

Re: SYSTEM ALERT : medium : MLAV: Unknown error

Re: SYSTEM ALERT : medium : MLAV: Unknown error

Re: ACC shows ipv6 addresses in source/destination IP

Re: Howto delete sub-interace from cli

Unlock your full community experience!

Resolved! IPsec question

Resolved! Issue with setting QoS egress value with API

Resolved! internal routing being blocked

Resolved! SSL decryption troubleshooting - decrypt-cert-validation

Resolved! QoS and SSL decryption questions.

Resolved! Replacing office 365 from XML and RSS with Restful API

Resolved! routing problems between wans and lan