General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

How was determine or verify after with application override bypass L7

Hi Expert ,

I would like to verify after config and traffic is match with Application Override Policy that it already bypass L7 how to check it via cli or gui so, I have understood about can check with show session id after filter application is alr

...

Shutdown Clustered/HA FWs

Is there any documentation on how to properly shutdown a clustered/HA FW pair and then restore connectivinty power verifying proper function once power is restored?

Dynamic TCP port APP query

Hi community, In a situation where there is a security policy allowing: SOURCE Source IP: any Source Zone: outside DESTINATION Destination IP: public IP 1.2.3.4 -> NAT'd to private IP 10.10.10.10 (servername1) (the security policy is using the post N

...

Resolved! Application Blocked instead of URL Block

Hi

I have implemented URL Filtering. However for http pages, I see Application Blocked page as agains URL Block page.

Anyone experienced same phenomenon?

BR,

RJ

Resolved! Auth Profile 8.1.x LDAP

We'd like our users to be able to log into Captive Portal or Globalprotect with user@domain.com or just user. We've messed around with seemingly every combination of username modifiers, but have not been able to get it to work both ways. Currently,

...

Resolved! Difference between system resources in GUI and CLI

Hello,

What is the difference between the System Resources in the GUI and the CLI? The CPU percentages are different.

Resolved! User ID Agent

Where the userid agent save log file ?

We want to start audit when User ID update task failed on PA

Is there a possibility to move the logs of userid to the siem / syslog server

Has anyone used google authenticator with Global Protect?

Hi,

Has anyone used google authenticator with Global Protect? Can anyone help on how this is to be configured? I have configured other RADIUS agents in the past.

Thanks

Extend VPN to Azure Cloud

Is it possible to extend Palo Alto VPN onto Azure Cloud? That way we can have users connect directly onto any Azure Cloud Region

Resolved! LACP NEGOTIATION LOG FILE

Hello,

In order to debug an issue in our LACP interfaces.

I need to run lacp debug and to find the log file of lacp negotiation.

And there is a log file of all ethernet negoatiation?

Thanks in advance.

Resolved! ISP redundancy and route load balancing.

Hi, Community!

I'm looking for some help with a customer today 

Here's the situation: a customer has a dual ISP configuration and wants the traffic both to be balanced between the routes of the two providers and that a redundancy scheme is put in p

...

PA-220 Not Decrypting any HTTPS Traffic even after I have followed ALL the Palo Alto Live Videos

For some reason SSL Decryption is not working on my PA-220 - I have followed many many many of the palo alto instructions to try to get it to work but some how it is still not working - the PA-220 is simply not decrypting any of the Https Traffic. I

...

Resolved! Replace passive member in HA (A/P)

Hi,

We need to replace the passive member in a cluster. So in the HA preempt is not enabled. And priority in the active member is 100. So i understand that we can directly connect all the cables for new devices and this new member will take passive r

...

Stuck in Failsafe Bootloader. what now?

My PA-820 is stuck in failsafe bootloader mode. what are my options now? I am no longer getting the option for MAINT mode either. If I let the system boot on it's own I get the below and it just keeps rebooting.

Welcome to the PanOS Failsafe Boo

...

Resolved! No source user in logs post 8.1.2 upgrade

At the weekend I upgraded all our boxes from 8.0.9 to 8.1.2 as we need to make use of the new GP - Split Tunnel by URL features & Enhanced UserId coolness. Yes, I know - this was brave 

Everything seems to be working as expected & as it was pre-upgr

...