General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics


Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 


In the past six


jforsythe by Community Team Member
  • 1 replies

Security Advice on SSH & SSL/TLS week ciphers

Hi Team,


I have few queries to be addressed.


We have changed the SSL/TLS version using CLI to TLS 1.2 but when we run the scan we can see TLS 1.1 is also running at the back-end. We need to check which SSL/TLS version is running using CLI of the Fire


Restoring Configuration Between Platforms?

Is it possible to restore a backup configuration from say a PA5000 series to a PA3000 series?  I know there are obviously interface differences between the platforms, and I couldn't find any recent documentation explaining if this is possible.




Policy audit comment in cli

Do you know how can we configure and view Panorama security policy audit comments in the cli or another way for bulk applying comments to policies. 

I will modify policies in bulk using the cli set commands, but also want to add audit comment to all t


batd2 by L4 Transporter
  • 3 replies

Resolved! Not able to view Anti-Virus updates under dynamic updates

Hi Team,


We are having PA-3050 and had renewed our license recently. 


When checking under Dynamic updates we are not able to see the Anti-Virus update column.


Also under the Security Profile we are getting an display as Url-filtering license and Thre



Active cluster

Hello ,


We have a customer having Active /active cluster .  The Panorama lies in another country : The nodes of cluster use the traffic interface ( and not management interface)to reach Panorama , and at firewall we do the NAT , so that on Panorama 


Resolved! Upgrading from 3220 to 3250

Is there a means of copying all configuration from a 3220 PAN to a 3250 including the certificates? 
The main impetus to upgrade would be to accommodate more Global Protect tunnels (2048 instead

of 1024.) I'm trying to understand what that migration mi


Feature Request: ECMP Path Monitoring

We are currently using ECMP to load balance to our two ISPs. Which works great. However since there is no path monitoring(Unless you set static routes). If something happens upstream and your peer doesn't go down the PANs will happily keep sending da


File types need to block

The file type is malicious as per the swift advisory 2021, that need to be block on the Palo alto Firewall.

File Type .gmu,.ekt, .jpn,.er,

SurajN by L2 Linker
  • 3 replies

Global Protect Single/One login Portal/Gateway

Good afternoon, I have a question:


I have Global Protect configured and operating, operating correctly Portal and Gateway.

When one uses the Global Protect App, it always asks 2 times for login, I understand that one is in the Global Protect Portal an


Metgatz by L3 Networker
  • 1 replies

Timeout on syslog sourced User-ID mappings?

Greetings all,


Taking another look at our user-id mappings with our server team today and we've landed on trying 90 minutes for AD.  We set this on the agents installed on two of our AD servers and the firewall is showing the new logs coming in as ha


jsalmans by L4 Transporter
  • 2 replies
Top Solution Authors