General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Do BGP and OSPF have to have same router-id on a virtual router ?

Hi,

I'm running BGP and OSPF on same virtual router and whenever I commit a change, I get the following warning:

In virtual-router VR_1, BGP router-id 1.1.1.1 is different from OSPF router-id 10.1.1.1.

Since I'm getting warned about it, I'm thinkin

...

Resolved! User-ID Redistributed users not the log file

Hi Guys,

For one our customer we have two virtual cluster - frontend and backend firewalls. On the frontend firewall we have Global Protect enabled, with LDAP and User-Group Mapping, assign different access for different user group. Connected users s

...

For internal GW what happens when you create non tunnel-mode GW? Why would one do this?

Hi,

For internal GW what happens when you create non tunnel-mode GW? Why would one do this? If it only provides USER-ID why is it used?

Resolved! Any way to de-auth a user outside of SSH?

I know that we can force a logout for a user from the captive portal on the CLI as shown in the link below but is there a way to access this functionality through the web management portal?

https://live.paloaltonetworks.com/t5/Management-Articles/How

...

Resolved! Panorama Certificate Profile Breaks Refresh

Hello Folks,

I have a strange scenario and am most likely missing something.

I created a CA cert from a new Panorama template. I installed into the MineMeld server and verified the cert is showing up via google chrome. I then created a certificate

...

Resolved! How to deactivate virtual PA firewall with API

Trying to deactivate a PA-VM firewall with the API.

First I add the Licencing API key to the PA with the firewall API:

In order to hide my real values, let's use:

myfirewall.corp as my firewall

cxvzvxvcxvczc as my firewall's API key

dgshgdjsgdjsgj as m

...

Panorama/Palo Alto Design Query

Greetings Folks,

I have a Design and deployment Question. Our company have 3 Data centers located at three different Geographical Locations. We have a project to deploy Palo Alto 5200 Series Appliance in the environment as I

...

Resolved! highlight unused rules highlights rules possibly used in the past

Hello

I have a query where the highlight unused rules is showing rules as unused, which possibly were used in the past. The security policies were created based on traffic log reports and the same security policies are now showing as unused. I see tha

...

List of application where PA skips credential detection

Hello.

PA supposedly doesn't check credential submission on some apps.

»The firewall automatically skips checking credential submissions for App-IDs associated with sites that have never been observed hosting malware or phishing content to ensure the

...

Can someone provide a detail difference between the terms custom application and custom app-id?

Native VPN client

The native client on my windows machine does not seem to be authenticating against my radius/otp/ldap server and my globalprotect client is getting through the portal but failing on the gateway. Any ideas why or how to track it down?

Resolved! SFTP sometimes just hitting SSH app and sometimes Enhanced File Transfer

I have an egress rule that permits port 22 which should include sftp. And for the

most part it works. But I had a user go to a particular sftp site useing filezilla

and the PAN 5060 identified the traffic as "Enhanced File Transfer" and

the traffic di

...

heartbeat connection

What is the best way to set up a heartbeat connection between and active and passive pair of firewall. We currently have a PA 5050 pair, in different buidling quite a distance away from one another and the heartbeat connection is through the network

...

GlobalProtect for User-Id Without Auth?

Hi All!

We're an all-Mac shop, but we use AD for authentication (for now). GlobalProtect "External" is working great for external access, with authentication to AD.

Now we'd like to map IP to Users INSIDE our LAN. My primary goal is to link URL F

...

Palo Alto Layer2 mode and brdige vlan in different subnets

Hi All

Can Palo Alto bridge two VLAN like VLAN 10 and VLAN 30 that have different subnets? or both VLAN should have same subnet?

Basically what I want, I have VLAN 10 having subnet 10.10.10.0/24 and VLAN 30 having subnet 192.168.1.0/24. Both VLAN hav

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Do BGP and OSPF have to have same router-id on a virtual router ?

Resolved! User-ID Redistributed users not the log file

For internal GW what happens when you create non tunnel-mode GW? Why would one do this?

Resolved! Any way to de-auth a user outside of SSH?

Resolved! Panorama Certificate Profile Breaks Refresh

Resolved! How to deactivate virtual PA firewall with API

Panorama/Palo Alto Design Query

Resolved! highlight unused rules highlights rules possibly used in the past

List of application where PA skips credential detection

Can someone provide a detail difference between the terms custom application and custom app-id?

Native VPN client

Resolved! SFTP sometimes just hitting SSH app and sometimes Enhanced File Transfer

heartbeat connection

GlobalProtect for User-Id Without Auth?

Palo Alto Layer2 mode and brdige vlan in different subnets

Discussion Forum Analysis

Discord voice chat no longer connecting after PA-440 install

Authentication Sequence Profile with SAML

Decryption suddenly failed for all Webpages using Sectigo Certs

About PAN-301496

Re: Does User ID Agent 10.2.4 compatible with PAN OS 11.1.13?

Re: Stale SIP Sessions

Support with PA-440 Software

Re: Discord voice chat no longer connecting after PA-440 install

Re: Do I need an edge router in front of my Palo Alto?

Unlock your full community experience!

Resolved! Do BGP and OSPF have to have same router-id on a virtual router ?

Resolved! User-ID Redistributed users not the log file

Resolved! Any way to de-auth a user outside of SSH?

Resolved! Panorama Certificate Profile Breaks Refresh

Resolved! How to deactivate virtual PA firewall with API

Resolved! highlight unused rules highlights rules possibly used in the past

Resolved! SFTP sometimes just hitting SSH app and sometimes Enhanced File Transfer