This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 198 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 880 Views
  • 0 replies
  • 0 Likes

PA-200 HA Sync

Hi,

I have a message when I attempt to run a commit:

 

"The running configuration is not currently synchronized to the HA peer, and therefore, this commit will only be applied to the local device.

Please synchronize the peers by going to the dashboard an

...

sync.jpg
s_quasar by L3 Networker
  • 5685 Views
  • 15 replies
  • 0 Likes

FQDN refresh problems

Hell guys,

We have a problem that the FQDN refresh fails nearly everytime. What I mean with "nearly" everytime is, that there are periods in which the FQDN refresh is running smoothly, and then suddenly it fails again.

Example: A few days ago the FQDN

...

Resolved! user if agent and switching between ids

we have configured rules with group mapping using LDAP.

We have one user where he switch between user ids and when he trieds to login to server with user id not allowed in list he gets

denied.

 

should he log off and log on as best practice when he switc

...

MP18 by Cyber Elite
  • 3515 Views
  • 5 replies
  • 0 Likes

8.1.4 CP Normalizing

All of our users who auth over CP are now normalizing as 'domain.com\user' although we need them to be user@domain.com.

 

The authentication profile they go through has the %USERINPUT%@%USERDOMAIN% modifier.  Domain is filled in & login attribute is 'u

...

Resolved! Minemeld Proxy error

Hi,

 

I've setup Minemeld to use the corporate proxies based on this thread and I'm still getting this error:

 

"ConnectTimeout: HTTPSConnectionPool(host='www.dshield.org', port=443): Max retries exceeded with url: /block.txt (Caused by ConnectTimeoutErr

...

otlaP5 by L0 Member
  • 5268 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama Managed collectors - Default and M500 Log collector

We have Panorama M100 in Panorama Mode.

They are in HA pair.

 

Also we have 2 M500 as dedicated log collector mode.

 

Under Panorama managed collectors  I see default is also checked along with 2 dedicated log collectors.

 

Need to know why default option i

...

Capture1.PNG
MP18 by Cyber Elite
  • 3060 Views
  • 6 replies
  • 0 Likes

Resolved! Split tunnel VPN inclusion rule - traffic dropped

Hello Community,

I need to allow traffic to come down the VPN tunnel rather than the Split Tunnel.
I have addred a VPN tunnel inclusion rule on the GlobalProtect Gateways as described in this article:


https://www.paloaltonetworks.com/documentation/80/pa

...

000000 by L1 Bithead
  • 2198 Views
  • 2 replies
  • 0 Likes

Use MP SSL Session Cache

when i run the below command 

 

show system setting ssl-decrypt setting

 

vsys : vsys1
Forward Proxy Ready : yes
Inbound Proxy Ready : no
Disable ssl : no
Disable ssl-decrypt : no
Notify user : no
Proxy for URL : no
Wait for URL : yes
Block revoked Cert : yes
Cer

...

MP18 by Cyber Elite
  • 3216 Views
  • 2 replies
  • 0 Likes

Resolved! Unable to export certificates EXCEPT via IE11

Two PA3020s in an active/passive HA pair

PanOS 7.1.14

 

Tested with Google Chrome and Firefox on Linux.

Tested with Google Chrome and Firefox on Windows 7.

 

When trying to export a certificate from Device tab --> Certificate Management --> Certificates, n

...

fjwcash by L4 Transporter
  • 4152 Views
  • 3 replies
  • 0 Likes

Resolved! Moving between device groups

I am looking to move my firewalls from one Panorama (7.0.3) device group to a new device group.  All active policy rules have been cloned over to the new device group from the existing device group, and the objects are all "shared". 

 

Even though al

...

Resolved! Cannot retrieve indicators from FS-ISAC feed

I recently created a feed over at FS-ISAC for my organization, and I'm able to connect successfully from within MineMeld, however I am not receiving any indicators. My initial_interval is set to 30d and when I test using 'taxii-poll' from the shell ...

benime by L1 Bithead
  • 5525 Views
  • 2 replies
  • 0 Likes
  • 24014 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks