This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4227 Views
  • 0 replies
  • 0 Likes

SSL decryption presenting untrusted certificate for certain site

Can somebody explain why the PA is presenting the untrusted certificate when browsing to https://community.mcafee.com ? So far all of the other HTTPS sites that I've tested have worked perfectly. This is on 7.1.3. I opened a ticket with PAN and the tech said it's because the PAN doesn't trust some of the CA's used by that site's certificate, bu...

Jsitter by L1 Bithead
  • 15070 Views
  • 2 replies
  • 0 Likes

Resolved! threat packet captures impact on cpu

Hello.I would like to enable some packet captures on certain threats and was wondering if anyone has tested if there is an impact on the mgmt plane cpu when enabling extra pcaps?I know enabling packet capture has an impact on cpu. however I would think the impact woudl be mainly(or exclusively) on the data plane cpu;reason I ask is I currently h...

Clientless App feature enable BUG 8.1.3

The only I can describe this configuration is that is is a bug. I do not see any reason why such a feature would exist and not be clearly documented. Issue: When commiting that change after deploying a GlobalProtect Clienless app a warning would appear saying: Warning: Clientless VPN Content is missing. The feature is not enabled. (...

Global Protect, use custom port for portal, followed the tutorial on paloaltonetwork

Hi, I followed the tutorial : How to Configure GlobalProtect Portal Page to be Accessed on any Port but it's not working.When I connect using browser I get an error. I see in monitor that the port is accessed and I see the rules for the nat as well, but in the application it's written "incomplete". How can I debug it further ?Thanks for help.Jon

GlobalProtect agent can not connect to my internal Network

Hello,After correctly configuring global protect VPN on the firewall, and installed the agent globalprotect on the remote machine, when I am in connected mode with the agent I can not connect to my internal network not even send a ping, I checked the security rules and the NAT between the two zones, the access route but the problem persists

ADINESMA by L0 Member
  • 3353 Views
  • 1 replies
  • 0 Likes

Resolved! authetication override

Why is it necessary to enter "generate cookie for authentication override and accept cookie for the authentication override on both the portal and gateway? I would think it would make more sense to select generate cookie for authentication override on the portal and accept cookie for the authentication override on the gateway.I am also not sure...

jdprovine by L4 Transporter
  • 5314 Views
  • 6 replies
  • 0 Likes

logical interface packets drops

Hi, we are experiencing this issue that we are troubleshooting from a couple of days. we have done all our checks WAN and LAN side however there is a paloalto firewall between WAN routers and core switch in a Vwire mode with an any-any rule. the only problem I have noticed so far is that at the time of issue the firewall is not too responsive i....

qasim02 by L2 Linker
  • 3579 Views
  • 3 replies
  • 0 Likes

Resolved! how to get CA trusted root cer for global protect url

Hi, We have external global protect gateway with dns name.when users browse to domain name they get warning message certificate is not trusted. How can i get trusted cer from CA like go daddy so that when remote users download the GP client they do not get cert warning? RegardsMike

MP18 by Cyber Elite
  • 2528 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect client - Block inbound traffic - Internet Adapter

Hi,The scenarios is as follows:a) I have a Windows10-client with Global Protect (GP) version 4.1.4 installedb) The Win10 has inbound RDP (tcp-3389) enabled so that the support can access the client remotelyc) The GP is configured with "Always On" so that it connect to our company network as soon as it finds an ISP-connection The problem:a) Whil...

Ask about by license for PA-500, Renew license after End-of-sale?

Dear All, My company device is PA-500, I'll be End-of-Sale Date at 31-Octorber-2018. But it's license will be Expires at April ,2019.So how I can do to renewal the license? Do I buy the license after End-Of-Sale ? OR Can we renew the license befor the End-of-Sale?Please help me clear this issue.Thanks and Regards,Tho.

Problem routing traffic from ipsec tunnel to ipsec tunnel

We have two PA820 boxes PA#1 & #2, both are connected via IPSec and the traffic flows without any problemWe have a TMG server to which PA#2 is connected via IPSec and traffic flows without any problemNow we want PA#1 to be talking to TMG server via PA#2ON PA#1 we can see that the traffic is going through the tunnel, but it is not being detec...

Resolved! Global Protect external gateway traffic is ssl decrypted

Hi, I have configured GP external gateway and all is well.But i see my ssl tunnel connection from my public ip to GP public ip this traffic is decrypted. I have no decryption policies configured for this. this traffic is from external to external zone. need to understand how this traffic is beging decrypted? Mike

MP18 by Cyber Elite
  • 6301 Views
  • 4 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks