General Topics

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

AI is upon us, and here's a fantastic chance to learn more about it!

During this virtual event, we will be hearing from top industry experts and senior executives within Palo Alto Networks about PANW's plans for AI to help drive a more secure futur

...

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Never ending globalprotect VPN drops

Supporting VPN for people is a challenge no matter what VPN you are using but people never consider the reliabilty of their own ISP provider as part of that issue. So what is the best way to rule out the users ISP as the problem and not the globalpro

...

Software Upgrade

Hi,

Is it possible to upgrade PAN-OS manually without licence ?

DNS Signature Lists

Does anyone know any free External Dynamic Lists for DNS signatures to use in conjunction with the Palo DNS Signatures? We would like some extra protection for our anti-spyware protection.

Monitor of IPSec tunnel

What is the best way to monitor an IPSec tunnel on the PA, I don't see anything in the traffic logs at all just the systeme logs

Resolved! Decoder function

Need to confirm in PA decoder does content id app id and antivirus detection.?

Also once session is offloaded then function of decoder is finished?

Resolved! Can you enable pfs on a pa ipsec tunnel

Can you enable pfs on a pa ipsec tunnel? If so where do you do it

LDAP is not sending framedIPAddress for GlobalProtect Static Assignment

We are trying to configure static IP assignment in globalprotect and have selected the "Retrieve framed ip address" option on the client gateway. I've also selected "Static IP Assignment" under the Dial-In tab in AD for the users and given them IPs

...

Commits and Firmware Upgrades Failing

I've got a couple of support tickets open on my issues just seeing if anyone has any suggestions/ideas as Support I wait for support to help me out.

Configuration: 2x PA-5220's in HA (Active-Passive)

Code: 8.0.11-h1 (Moving to 8.0.12 per PA recommendat

...

log compression in Palo alto

Need to know if palo alto firewall or Panorama supports log compression or not?

Resolved! when we download the software do not install it?

when we download only major PAN OS but do not install it?

is it when we do major version from 7.1 t 8.0?

or when from

8.0 to 8.1?

Panorama configuration is over 80MB

I am getting the following system log message on my Panorama dashboard:

The current configuration is 81MB, which exceeds the supported limit of 80MB. We highly recommend that you reduce the configuration size to within 80MB.

What are the potential

...

Resolved! url database - learning new urls from cloud

when new websites comes up we see that it is under unknown category

one option is to ask PA to re category that.

in some cases we see that after few days that websites is not under known category and is reachable.

How does PA cloud database keeps t

...

Palo Alto behind ReverseProxy, how block real IP ?

Hello,

I have many website behind my Palo Alto.

In front of many websites (and then Palo Alto), I have Reverse Proxy.

Into traffic logs I see Reverse proxy IP, not the real visitor IP.

I have enabled "Use X-Forwarded-For" and now I see Real IP into colu

...

Resolved! Panorama Objects defined in ancestors will take higher precedence.

i am unable to understand Objects defined in ancestors will take higher precedence. what does it mean?

i read the admin guide but still unable to understand

any help is appreciated?

Resolved! config push from panorama to HA PA

New configuration is pushed from Panorama to a pair of firewalls that are configured as an active/passive HA pair.

will both PA active and passive syn theconfig ?

Discussions

Join us for an amazing virtual event - Ignite: What's Next - October 28, 2025

Discover LIVEcommunity Through Our New Animated Explainer Video!

Never ending globalprotect VPN drops

Software Upgrade

DNS Signature Lists

Monitor of IPSec tunnel

Resolved! Decoder function

Resolved! Can you enable pfs on a pa ipsec tunnel

LDAP is not sending framedIPAddress for GlobalProtect Static Assignment

Commits and Firmware Upgrades Failing

log compression in Palo alto

Resolved! when we download the software do not install it?

Panorama configuration is over 80MB

Resolved! url database - learning new urls from cloud

Palo Alto behind ReverseProxy, how block real IP ?

Resolved! Panorama Objects defined in ancestors will take higher precedence.

Resolved! config push from panorama to HA PA

No "certificate used by" field when generating certs for SSL forward trust and untrust?

A question about snat address pool couse a route loop

How do I get the documentation / training for creating advanced XQL queries

panorama disk health

Recommend os version

Re: Exclude only communications on specific port numbers from Global Protect

Re: Software NGFW Credits

Re: Advanced DNS Security vs DNS Security License

Re: Replacing HA Hardware

Re: About API keys when using the curl command

Unlock your full community experience!

Resolved! Decoder function

Resolved! Can you enable pfs on a pa ipsec tunnel

Resolved! when we download the software do not install it?

Resolved! url database - learning new urls from cloud

Resolved! Panorama Objects defined in ancestors will take higher precedence.

Resolved! config push from panorama to HA PA