This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Error fetching External Dynamic List (EDL)

Hello, When trying to fetch an EDL from a web server configured without support for TLSv1 (only support TLSv1.1 or 1.2) the result is "Server error : URL access error". I don't know if PAN-OS 7.1.18 fetch client for EDL only support TLSv1. Checking ciphers compatibility for 7.1 I can't find the answer: https://www.paloaltonetworks.com/documentat...

fjmjugr by L1 Bithead
  • 7347 Views
  • 6 replies
  • 0 Likes

Resolved! requesting connection status via code or through CLI

Hey there, I'm designing windows 10 app which needs to connect to a office based database via a remote laptop.The laptop will have access to the office through the GlobalProtect VPN.I need a way to query the GlobalProtect windows agent to see if there is an active VPN connection so I can start making database calls or use locally stored data.Any...

Asymmetric Routing and TCP syn check (Pulukas Solution)

Hi Everyone, Asymmetric Routing and TCP syn verification is a common issue and there were many articles on how to resolve that, basically1 - To change routing itself and make sure there are no asymmetric routing in the network - best from PA point of view2 - disable tcp syn verification globally on the firewall - worst for PA 3 - Disable tcp syn...

Dimitrus by L0 Member
  • 4064 Views
  • 2 replies
  • 0 Likes

Support for inspecting SSL message for kafka connect

We are using Kafka for messaging and have a requirement to inspect the SSL message sent to kafka broker from kafka connect. Kafka using binary tcp protocol with kafka broker listeners on PLAINTEXT://9093 (without SSL) Can paloalto decrypt and inspect the kafka message content?

Does Palo Alto (VM) firewall supported in VirtualBox?

Has anyone managed to installed and run Palo Alto (VM) firewall successfully in VirtualBox?I've been trying to setup my own lab for learning purposes. Basically, this lab contains client, firewall, and server with different network segment. Client --> Firewall --> ServerI managed to install it but can't make it work on network part. Only "...

PA-VM 8 v1.jpg
prenatip by L1 Bithead
  • 7688 Views
  • 1 replies
  • 0 Likes

VPN certificate expires

Hey!My firewall is a PA-3020 with 8.0.7. There is a Global Protect gateway and portal, users can connect via Global Protect.As portal address in the global protect app, we are using an address that is availabe in public dns.Additionally, there is a public signed certificate. When I do https://portal-address in a browser, I can see that the certi...

MPI-AE by L4 Transporter
  • 9237 Views
  • 7 replies
  • 0 Likes

What is application db = 0 and app.id c2s node (0, 0) s2s node (0, 0) in session id command

Hello Folks,I am looking for some more information on session id command outputs. I see a session in free state with application db = 0 and app.id c2s node (0, 0) s2s node (0, 0) . What does this mean ?Is this that app-id engine of PAN is not able to identify any application with no c2s or s2c flows ? application db ...

Resolved! Use Domain EDL for purposes other than DNS sinkholing?

Can you use a domain EDL for other purposes or only for DNS sinkholing? In other words, can you use a domain EDL in any policy rule in the same way an FQDN object can be used? I would expect that you can, but wanted to ask.

RISI by L2 Linker
  • 4388 Views
  • 4 replies
  • 0 Likes

Linux and TCP keepalive

Hi Is there some reason that PA have a 1 hour keepalive value, where linux has a 2 hour timeout value. Whats considered best practices ... reset the PA to 2 hours or bring down the linux keepalive value to say 1800 A

Resolved! No devices in deploy content window

I am having a problem trying to push Apps&Threats or AV from the panorama to the firewalls. We have a Panorama M100 at 8.0.5 (recently upgraded from 6.1.10) with 5020 FW's at same release. We are NOT able to do the reachback to Palo Alto servers since we are a segregated testing network. When i go through the process to push the Apps&Thr...

Trouble installing manually or from ISO on ESX

Have followed all the articles I can find. Trying the ISO, I can login and basically gets stuck right after login at "initializing minemeld, this can take some minutes......", and left it for minutes/hours/days, just never finishes. Tried canceling out and checking if its running and get some other errors about "no module named datetime". Cou...

Spetka by L1 Bithead
  • 8305 Views
  • 7 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks