General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! DHCP Relay for GlobalProtect

I'm trying to setup globalprotect where once a user successfully logs in, they pull an IP from our dedicated, internal DHCP server with all the DHCP options. So essentially, setup Palo Alto for a DHCP relay for the GlobalProtect clients. I was trying

...

Resolved! CVE-2024-0010

Hi there everyone.

Could please someone clarify for me what versions are affected regarding CVE-2024-0010 as seen here?

https://security.paloaltonetworks.com/CVE-2024-0010

My inquiry goes for version 10.1.11-h5. Is it affected or not? Because I belie

...

Resolved! SSL/TLS Vulnerabilities

Dear Team ,

We have a customer, who found SSL/TLS Vulnerabilities on audit SSL/TLS configuration The firewall supports weak cipher mode CBC.

kindly provide the solution to remediate the weakness.

snip attached for Refr.

lsvpn problems with connecting to gateway

We have a lsvpn architecture and we are having problems with one of the satellites connecting with lsvpn gateway. We configured and maintaining this lsvpn for the past 1 year and dealt with most of the problems. Usual one being credential cookie expi

...

Kubernetes Test Malware

Is there a way to test a sample malware file on Kubernetes? I know that in windows servers we can test it out using wild fire file.

device telemetry Failed to reload config files

Since the update from our firewalls to 10.1.10h2, i see in the system logs the event : Type: device telemetry Event: config-reload-failure Description: Failed to reload config files. The sent of the telemetry files is working. This happens every time

...

traffic log database exceeds alarm threshold value 100% of total allowed size

Hello community,

On my paloalto 850 I get several alarms every day stating:

"Current suz (xxxMB) of traffic log database exceeds alarm threshold value (100%) of total allowed size (xxxMB).

On the CLI a "show system disk-space" shows the disk on n

...

PA 440 dynamic updates

I am installing a PA 440 v 10.1

I can ping IP Addresses on the Internet using my internet interface as source

I can https inbound to the firewall after configuring a management profile

under Device -> dynamic update or license check my attempt a

...

IPSEC tunnel due to timeout problem

I was configure remote 10 branchs connect to Office by IPSEC tunnel. Each branch connect to Office bandwidth 256kbps,512kbps, 1mbps. So someone branchs tunnel automatic disconnect.

Manual remote tunnel device(Cisco RV042) reconnect to PA2020 error.

...

Configuring Dual Leased Lines on PA-220 for Efficient Failover

Hello,

We've set up a dual leased line configuration with BT, featuring two separate gateways. Our primary aim is to ensure continuous connectivity, should one of the lines fail.

Our PA 220's static routing has been configured as follows:

- For BT1

...