This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4465 Views
  • 0 replies
  • 0 Likes

Bad certificate _ inbound ssl inspection

Hi All we are using 3rd party singed certificate for inbound SSL inspection , once we imported the certificate it is not showing any error and commit is working fine . once we add the certificate to decryption policy it is showing error as bad certificate and commit is failing . The certificate is 3rd part signed CA and its not the CA or subordi...

Rameshwar by L3 Networker
  • 4121 Views
  • 3 replies
  • 0 Likes

Resolved! URL Category and URL Profile in same Rule

We have a default URL Filtering Profile that we use for general use. The default URL Filtering Profile has a couple dozen URL Categories which are set to alert. I need to allow EXEs from only five of the URL categories. If I add the five URL Categories to a rule on the Palo Alto under "URL Category" along with the URL Filtering Profile under ...

GlobalProtect remote access - some pointers

Dear All, I'm relatively new to Palo Alto firewalls and I am attempting to implement GlobalProtect to provide remote users with access to our internal network through the Palo Alto firewall and I am striggling to get even the most basic system working, so I wonder whether I could ask for some pointers for anyone who has got a working GlobalProte...

GlobalProtect Best Practices

I searched through previous threads to see what the best practices are for securing GlobalProtect but the only thread I saw was dated and didn't have too much information. Could anyone share what their best practice is with setting up GlobalProtect? I'm currently using Cisco AnyConnect and would like to transition to GlobalProtect. My enviornmen...

Resolved! LDAP not work if management interface IP address cannot reach Windows AD

Configuration as below 1. Mangement interface with IP 192.168.1.2 (non-PA device as gateway)2. Windows AD with IP 172.16.1.2 (PA device layer3 interface as gateway)3. Subnet 192.168.1.0/24 and 172.16.1.0/24 cannot reach each other With correct LDAP config (LDAP IP, Port, Base DN, etc.). Go to "Device > User Identification > Group Mapping S...

jeremylo by L3 Networker
  • 3302 Views
  • 2 replies
  • 0 Likes

Resolved! VPN not working

Hi, we are configuring a VPn between Palo Alto and PFsense. The VPN is configured properly but its nos getting up. No phase 1 up. We have treid to change all values proposals and lifetime. This is the log. We tried to change lifetime with no success. Whats happening? ====> Initiated SA: 1.1.1.1[500]-2.2.2.2[500] cookie:4ff9f28d21a8b446:cc5af...

BigPalo by L4 Transporter
  • 5356 Views
  • 4 replies
  • 0 Likes

Anti Phishing Continue Page does not redirect and shows certificate error

Hi All, The customer has deployed Credential Detection feature. They are able to view logs of the same on the firewall. They have the action as "Continue" for "Auction" URL category. On submission of credential Response page do not appear and " SEC_ERROR_UNKNOWN_ISSUER" error is displayed. I checked the certificate when the error appears in ...

chromeCapture.PNG

ACC displaying "No data to display"

Hi All,I've been trying to troubleshoot an issue with a PA-5060 using PanOS 7.1.10. For whatever reason Application Command Center is not displaying any data. I've tried to check if any resources may have been hung but there doesn't appear to be any that are hung. Any other thoughts on how to fix this issue? Thanks

Resolved! Understanding Virtual Wire

I am trying to wrap my head around virtual wire from a practical perspective. To me it sounds like an access list apllied between 2 interfaces (e.g Internet & Users). That sounds like a typical concept with firewalls but since security rules would already be called upon to permit or deny traffic between each zone can someone help me under...

Resolved! New To PA- Differences between WebUI & Panorama

My company is about to deploy PA's in a few of our data centers as well as a single Panorama VM. I have a traditional ASA background & want to know some basic theory on how PA's are configured. I am enjoying the free training on the support site but I notice that so far most of it is taught based around configuring from the WebUI. If I un...

Resolved! MineMeld install error bower install

Hi all, I have installed successfully minemeld on a test Ubuntu 16.04. I try to do the same now in production and get an error on bower install : fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["bower", "install", "--allow-root"], "delta": "0:00:04.657525", "end": "2018-06-29 10:13:24.610040", "msg": "non-zero return code", "rc": 1...

Global protect data file not downloading_not showing anything in Dynamic updates

we have valid license of GP gateway but Global protect data file not downloading_not showing anything in Dynamic updates. when clicking on check now nothing shows up , tried configuring it as automatic download and install but no luck . https://live.paloaltonetworks.com/t5/General-Topics/Not-showing-dynamic-updates-for-global-protect-data-file-...

Rameshwar by L3 Networker
  • 4208 Views
  • 2 replies
  • 0 Likes

User Acitivity Reports - Denied Traffic

Afaik the User Activity Reports only show allowed traffic from the users. I am trying to find the URL from an IP, which I can see the user have been trying to visit, but got denied.Is there anyway to do so? The IP is a service from Amazon, and therefor it's not possible for me to make a simple nslookup.

Unable to block Skype

Testing target is Skype which came with Windows 10.Use the method in the link below and was work (for 1-2 days)https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-Skype/ta-p/52103 Then 1 day suddenly found that it not working anymore.Since I'm evaluating it (PA-220). There were many configuration changed. Any idea what possi...

jeremylo by L3 Networker
  • 2349 Views
  • 1 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks