This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Ver

Hi,Anyone use "Expired Active Directory Password Change for Remote Users" in PAN version 8.1 and GP Version 4.1?https://www.paloaltonetworks.com/documentation/41/globalprotect/globalprotect-app-new-features/new-features-released-in-gp-agent-4_1/expired-active-directory-password-change-for-remote-usersDoes it work? Can you do it with LDAP or do y...

junior_r by L3 Networker
  • 3890 Views
  • 3 replies
  • 0 Likes

UDP log that hit any deny rule and show allow

Hello, i have a question about UDP session rule 34untrust anytrust anyapp icmp, traceroute, pingservice anyaction allow rule 214any any deny you can see allow log hit rule 214i found similar case about tcp.https://live.paloaltonetworks.com/t5/Management-Articles/Action-Configured-in-Security-Rules-and-Seen-in-Traffic-Log-is/ta-p/62785 i think ...

20180616_111325.png
hbshin by L2 Linker
  • 2689 Views
  • 3 replies
  • 0 Likes

Moving a Layer Two Switch between FW pair and Edge Router from ISP Issue

We are attempting to move a pair of VCP'd layer 2 switches between our ISP's CIENA and our PA 5220 pair. Our ISP is only giving us a single handoff so we were attempting to plug the handoff into the layer 2 switches (nexus 9ks with VCP) on a access port with vlan 602. The switches also have trunk ports connecting to the Palo Alto's with LACP.W...

davic09 by L0 Member
  • 2436 Views
  • 1 replies
  • 0 Likes

World Cup 2018

Anyone have a custom APP-ID to block world cup 2018? or is palo going to release one?

Ntripp by L1 Bithead
  • 5421 Views
  • 5 replies
  • 0 Likes

Resolved! Taxii Feed Error

Dear all, today my Taxii Output stopping working, in minemeld-engine.log i see these errors: 2018-06-15T13:23:33 (24179)actorbase._actor_loop ERROR: CyberSOC-taxiiDataFeed-Test - error executing ActorCommand(command='update', kwargs_={u'source': u'MISP_CyberSOC_anyEvents', u'indicator': u'https://pastebin.com/v10rKA6d', u'value': {u'confidence':...

rafy92 by L1 Bithead
  • 6735 Views
  • 5 replies
  • 0 Likes

Failed to resolve domain name

Hi,i get in the system monitor a message Type dnsproxy and event resole-fail mgmt-obj 'Failed to resolve domain name:server.domain.com after trying all attempts to name server(s): IP_from_internal_DNS 8.8.4.4 'and i dont know why.I have set and Object for the server.domain.com DNS Name to the IP but error comes again.In Device -> Setup ->...

Globalprotect client VPN for remote users and Office LAN users?

My company has a number of offices which do not have an on-site fw but instead have a router to connect to corporate MPLS through which they also receive internet.I’ve been asked to look at implementing a globalprotect vpn for all users whether they are on office lan or remote. Is this a standard use case, tunnelling all traffic through vpn to t...

welly_59 by L3 Networker
  • 4463 Views
  • 5 replies
  • 0 Likes

Global Protect and CCMCACHE

I have a user that I am trying to reinstall Global Protect (v.4.0.6-7) for. However, whenever I try to install it, i get message that it is trying to find globalprotect64.msi in c:\windows\ccmcache11. CCMcache11 does not exist. So I pointed the installation to the msi file I had for it in the downloads folder but it then said it was corrupt. I ...

Arena225 by L0 Member
  • 3850 Views
  • 3 replies
  • 0 Likes

OSPF Adjacencies Flapping over IPSec Tunnel

Hello, I would like to open this issue up for discussion, and possible resolution. We have an IPSec Tunnel between two Palo Alto Firewalls (PAN 3050 & PAN 820), and we advertise OSPF routes to interconnect both sites, over the tunnel. This was working fine for months with no issues. Four days ago, we upgraded the 3050 from PANOS7.1 to PAN...

want to upgrade to 8.0.X

Hey guys,I have a HA pair of 3020s with 7.1.7and a single 820 firewall with 8.0.2 Which version can you recommend for the 3020s and the 820? 8.0.5?8.0.6?Is there anything to be aware of?

MPI-AE by L4 Transporter
  • 7167 Views
  • 14 replies
  • 0 Likes

Resolved! I have two questions. about UDP Application & policy action

Hello, I have two questions. 1. How can Paloalto Firewall identify UDP Applications (ex : sip, ntp, sip, dns, snmp, tftp..) with one packet from source received ? 2. when i configure service any What is difference policy action deny & drop? Best regards.

hbshin by L2 Linker
  • 2776 Views
  • 1 replies
  • 0 Likes

PA-5200 QSFP+/HSCI DAC Cable type

Hi, PA writes in his Front Pane description HSCI port "PA-5220 firewall —One QSFP+ 40Gbps port (supports only a 40Gbps (QSFP+) transceiver or QSFP+ active optical cable)." and nothing for the QSFP+ ports. Does PA-5200 also support 40G QSFP+ DAC Passive Copper Cable and if so on QSFP+ and HSCI Port? Has anyone tried out? Regards Robert

Resolved! VPN set up when other party uses L2TP

Hi Members I have a vpn to set up when the peer end has asked for L2TP Ipsec. The other end is using some windows based built-in VPN.Can this be set up? Does PAN support L2TP? Thank you

R_Sharma by L2 Linker
  • 3042 Views
  • 2 replies
  • 0 Likes

VM-50 DNS problems

Hello allUsers unable to access some websites especially google.com, gmail.com. There isn't anyblock rule for internet access for the users.

Radmin_85 by L4 Transporter
  • 1765 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks