General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Palo Alto 440 not booting. PWR led is Amber.

After making some modifications in the DHCP and doing a commit the FW got stuck, I tried to do a hard reboot without success, also when starting by console cable does not allow me to log in.
The led of power sources 1 and 2 are green when connected a

...

EDL access using sharepoint as source

Hello guys, I'm having a problem when using our SharePoint (https) as a source URL of my EDL. I cannot access it even if I tried adding a certificate profile and client authentication. But when using another source URL, I can manage to access the sam

...

Resolved! EDL - How to find out if its updated automatically

Hi,

 

We are using predefined EDL Palo Alto Networks - Known malicious IP address in deny rules .

 

I would like to know how we can check if this EDL is updated and when was the last time it was updated successfully etc.

 

Thanks.

Ismailsh by L0 Member
  • 1167 Views
  • 1 replies
  • 0 Likes

split tunnel issue

 

These two snapshots are from two different VMs, which have installed GlobalProtect VPN. However, I saw different log messages printed out (check the marked part). I am just wondering why bindEntry is different on them?

 

Thanks

xingyun_0-1693228603537.png
xingyun_1-1693228649083.png
xingyun by L0 Member
  • 505 Views
  • 2 replies
  • 0 Likes

OSPF stuck in EX-START after PAN-OS upgrade

We ran into a situation where the OSPF was stuck into EX-START after upgrading the PAN_OS software from 9.1.10 to 9.1.16 (Preferred release).

We have a deny-all rule above the Intrazone-default allow, but it was working fine previously.

We checked th

...

Non-RFC Compliant DNS Traffic on Port 53/5353

HI,

Continuously receiving vulnerability threat events (Non-RFC Compliant DNS Traffic on Port 53/5353(56538))  form the same source IP towards our PA public IP addresses.  The source is also clean and belongs to Vodafone ISP.

 

I could not find any o

...

The 2034-24 Cyber Elite Program Is Here!

LIVEcommunity is pleased to announce the 2023-24 Cyber Elite Program

 

Cyber Elite members are LIVEcommunity super-users and cybersecurity experts who are generous in sharing their insights and expertise to help others in LIVEcommunity. 

 

Want to

...

jforsythe_0-1692904865177.png
jforsythe by Community Team Member
  • 861 Views
  • 1 replies
  • 3 Likes

Resolved! Panorama vm running slower and slower until stuck

Hi The issue on panorama is there for long time. Anyone can help to resolve it? When panorama vm is created on eve-ng on ESXi, its speed is very slow and even stop or stuck there. I found the slowness is related with memory and storage size available

...

kevinospf_0-1693017474861.png

Issues without using Proxy IDs on IPSEC tunnel

We are running into issues with VPN when we chose not to use PROXY ids between two PA firewalls.

We see it works fine when we add the proxy ids, but we shouldn't need to if both of them are Palo Alto, isn't it?

We see phase 2 keeps failing and the tu

...

GLOBALPROTECT split navigation

Hi everyone.

 

Currently I have a request. When vpn user is accessing throught globalprotect is necessary that fullfill two thing: If device is corporate (domain) he can use internet resource enterprise internet. But, when device is personal he must

...

apazmino by L1 Bithead
  • 682 Views
  • 3 replies
  • 0 Likes
  • 24195 Posts
  • 100 Subscriptions
Labels