This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Is there any command to modify tls response version for ssl decryption forward proxy

When a client's browser disabled TLS1.0 and connect to a website which is only support TLS1.0.Is there any way to let PA firewall response TLS1.0 to user? Because before we replaced our customer's firewall, their firewall was CheckPoint CP5800.In same situation CP5800 responsed TLS1.2 to clients, so they browse the website works fine, but now t...

OVA file

pa-vm-esx-8.0.ova I need to download the OVA file for training purposes. How do I go about getting a file?

File Blocking - No URL?

Hi I have various response pages configured to allow the user to click and send an email when hitting a blocked site. The URL one works fine - user clicks continue, new email pops up with the following placed in the email : URL and user name. For File blocking, I cannot get the URL to go in to the email, it's always the IP address instead that...

Url blocking

Hi guys, surely a stupid question, but cannot find out.PA (a 5060 couple), as seen in the screenshot, allows the connection but blocks the corrispective URL.How can I allow the URL too? Thanks

Threat_small.png
Shye80 by L1 Bithead
  • 1973 Views
  • 1 replies
  • 0 Likes

Resolved! difference between restart process and restart core process

1> debug software restart processauthd authentication processconfigd configd processlogd logd processmanagement-server Management server processmdb Mongo DBntp Restart and re-synchronize NTP servicereportd reportd processsnmpd snmp processuser-id User-ID processvld-0-0 VLD process for LD1vld-1-0 VLD process for LD2vld-10-0 VLD process for LD1...

MP18 by Cyber Elite
  • 10246 Views
  • 2 replies
  • 0 Likes

Configure VPN from Android Phone to Access VPN

Hello All, I am trying to configure my android phone to connect to palo alto vpn. I use IPSEC Xauth PSK as Type and the IPSEC identifier do i need to put the Group Name and Group password from X-auth support. Can someone confirm me this.

Denis by L2 Linker
  • 3686 Views
  • 1 replies
  • 0 Likes

Resolved! API + (new) zones

Hey all, i have started to work with the API and Postman lately in order help with making the setup process of new boxes a little easier & faster. While I have been able to get most of the basics done (Management IP, DNS, NTP, etc.) I am now struggling with creating new objects in the configuration through the API, starting with the zones th...

Setting up Palo FW in vwire mode between router and switch.

We currently have a Cisco switch and router with in our environment. The router does inter-VLAN routing for traffic coming from VLAN's (about 6) on switch; typically as in a ROAS setup. So the switch is L2 and router is L3. Looking for a away to place the Palo Firewall transparently in between with two interfaces (eth 1/1 and eth 1/2); in vwire ...

GlobalProtect Configuration Opinions

Greetings! Just to be upfront, I have my configuration working for the most part but I'm interested to hear if there's not a better/safer/quicker way of bending GlobalProtect to my needs. Please feel free to chime in with ideas, opinions or suggestions! Only as much detail as you feel is necessary but I'm happy to hear what you're thinking Scena...

mbahen by L2 Linker
  • 2806 Views
  • 2 replies
  • 0 Likes

Resolved! How to add domain security group superuser access

Hello, I would like to add a domain security group superuser access to Panorama and devices. So any users in the below groups access to both panorama and firewall’s. Superusers - CN=PA Superusers,OU=Global Groups,OU=Ad Australia,DC=ad,DC=com,DC=auSuperusers (Read Only) - CN=PA Superusers RO,OU=Global Groups,OU=Ad Australia,DC=ad,DC=com,DC=au ...

Problems with routing two different LANs in the same interface

I have this scenario: My PA-200 have 2 interfaces: one connected to the Internet Zone, another to the LAN Zone. The LAN interface has 192.168.1.1/24 as its IP address. I have another LAN connected through a router with 192.168.1.254 IP address. In the PA-200, in the default-router I added the route for 192.168.2.0/24 with gateway 192.168...

Genesis Amazonas.png

Resolved! Panorama 8.0 - EDL & Certificate Profile

Hi all, I just ran into an issue while creating an External Dynamic List in Panorama 8.0. The source is a HTTPS address that requries a certificate profile for validation, so far so good. The problem is that I can't select any certificate profile, the list is empty. There's a certificate profile created under Device > Certificate Management ...

Capture.JPG
Capture.JPG
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks