This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Resolved! Two Virtual Routers

Hello,When I configure two virtual routers on a PA-5060, how do I get them to see each others’ routes?Do I need to configure some kind of virtual internal circuit between the two routers?Thanks!

AWS GWLB VPC Endpoint Associations no longer work post-upgrade

Hello, We have recently upgraded our VMSeries Firewalls from 10.2.8-h5 to 11.2.3-h3. However, now, none of our AWS VPC Endpoint associations work via the CLI. We're running the following as per the documentation - as we always have: admin@PA-VM> request plugins vm_series aws gwlb associate vpc-endpoint vpce-0c9fbeeeae9387c49 interface ethe...

C.Stuart by L1 Bithead
  • 1844 Views
  • 2 replies
  • 0 Likes

Heartbeat Backup showing down on both HA peers

I have an active passive configuration which seems to be working and has failed over successfuly in the past (possibly a year ago). According to the PA docs I read the heart beat is a ping that runs every 1000ms. I assume since the heartbeat backup is down on both that if the active firewall were to break right now ther would be no failover co...

Active.PNG
Passive.PNG

Chrome (HSTS) NET::ERR_CERT_AUTHORITY_INVALID - with 10.1.14h4 update

We updated PANOS (on Friday before h6 was released on Sat) to 10.1.14-h4, rebooted and now our users are sporadically complaining about when using google Chrome (Edge not effected), getting a "Your connection is not private" NET::ERR_CERT_AUTHORITY_INVALID - specifically going to some banking sites (Chase.com, being a major culprit). Doesn't ha...

internet issue

i have PA 440 trying to access the internet and i have set virtual router with default route to dataplane interface however when i try to ping anything on the internet the reply comes from the mgmt interface. (attachment)

Telemetry decided to stop sending

UPDATE: This was a bug and was fixed after installing 10.2.10 I have seen a couple others post this same issue on Reddit but figured this would be the place to ask. Does anyone know how to kick telemetry back into a working state? It was working and then last month on the 25th was the last time it sent. no errors, no fail messages, no chang...

hafenlabs by L1 Bithead
  • 13033 Views
  • 17 replies
  • 3 Likes

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics: Customer Support Portal Overview License Management RMA Best Practices Dive into the three-part Fuel Workshop video series and learn how to efficiently manage your Palo Alto Networks assets, accounts, and support needs. Led by experienced pro...

kiwi by Community Team Member
  • 1060 Views
  • 0 replies
  • 0 Likes

Knowledge sharing: Palo Alto General Logs and Log files that are in the managment, data and control planes overview/review

1. Most of the palo alto well known deamons have their own logs that can be reviewed: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLUeCAO 2. It is interesting that in the higher end Palo Alto platforms like PA-5000 and PA-7050/PA-7080, where there are dedicated interfaces for HA if the issue is with the HA int...

NikolayDimitrov_1-1623698858200.png

Post Expiration Admin Login Count

Hello expert, I wanted to check if someone encountered same issue as mine. We did configure password profiles in our PA-820 (version 10.2.9) by enabling "Post Expiration Admin Login Count" to 3 times. Somehow, after password was expired it just straight away locked the ID and didn't allow us to login 3 times as configured. , Please advise ...

password profiles.jpg

Настройка mikrotik на Palo Alto

Здравствуйте всем можете помочь у меня интернет настроен на mikro tik с внешней и внутренней интернетом и подключена на d link. Я хочу подключить интернет на mikro tik и Palo Alto и патом d link . Я настроил Palo Alto как мост (bridge) но все ровно не работает интернет

aza95_95 by L0 Member
  • 1069 Views
  • 2 replies
  • 0 Likes

General TLS protocol Error

We have forward proxy (ssl decryption configured) We are having intermittent access to some webpages users have to reload the page to gain access.We are seeing General TLS Error on the decryption logs under Error. What Iv found out about the error is that This message indicates that an error doesn't meet the criteria for any of the afo...

image.png
Salathiwe by L3 Networker
  • 5874 Views
  • 4 replies
  • 0 Likes

User ID Anomalies

Hi, I had a strange behaviour with some user on user ID. We have 2 site A and B and our firewall have the mapping from the same agent. we found that user1 access site A and user2 access site B. issue that we found that user1 is access site B using the user2 IP. We check on each site the mapping is fine, but we dont find the user1 mapping ...

DennyChanditya_0-1729151292634.png
DennyChanditya_1-1729151338014.png

Resolved! SSL Inspection issues with GlobalProtect users

We're having some strange SSL/TLS Inspection errors while on GlobalProtect. We are getting unsupported-parameter errors while a user is connected to GlobalProtect trying to get to any internet site, including things like google.com. Doing a packet capture on the firewall it shows the connection trying to happen on tls 1.0 which we do indeed not ...

Claw4609 by L5 Sessionator
  • 38582 Views
  • 23 replies
  • 1 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks