This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4434 Views
  • 0 replies
  • 0 Likes

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour! This event is your gateway to exploring how AI is transforming cyber defenses. Join us to: Defend Against AI-Driven Attacks Secure Employee Usage Protect AI Development Simplify Cy...

emgarcia by Community Team Member
  • 2200 Views
  • 2 replies
  • 4 Likes

How EDL Tor Exit IP Addresses is updated?

Hello, I have noticed the EDL Tor Exit IP Addresses includes only over 1200 entries and the total list of exit nodes is over 12000: https://www.dan.me.uk/tornodes I was wondering based on what criterion Palo Alto is updating the EDL. Does anyone know this? Just because the EDL doesn´t reflect not even near the total number of IPs. Thank you!

Carracido by L4 Transporter
  • 4156 Views
  • 3 replies
  • 0 Likes

Autocommit loop error and interfaces 'connected but down' after upgrade from 11.0.4-h2 to 11.1.4-h1

Hi All, I already posted this in "Discussions > Network Security > Next-Generation Firewall Discussions", but I'm unsure if that is the best place for this issue. https://live.paloaltonetworks.com/t5/next-generation-firewall/autocommit-loop-error-and-interfaces-connected-but-down-after/m-p/599882#M3856 After upgrading my PA-VM VM-...

OKelly by L1 Bithead
  • 3281 Views
  • 3 replies
  • 0 Likes

ESP_TFC_PADDING_NOT_SUPPORTED

Working with PA 5250 and ASA on the other end. The tunnel between is up and communication flows across however we are seeing constant system errors being logged. When we enable the tunnel we get the following. IKEv2 child SA negotiation is succeeded as initiator, non-rekey. Established SA: x.x.x.x[500]-y.y.y.y[500] message id:0x00000C44, SPI:0x...

vnt90 by L2 Linker
  • 46411 Views
  • 10 replies
  • 1 Likes

Issues with decryption on versions higher than 10.2.8-x, TAC no help

Brief summary, we have a pair of 3420's that where on 10.2.8-h3 for several months with no issues, suddenly one day we had issues with what seems to be OOM but was never fully confirmed by TAC, but recommended to upgrade to 10.2.10-hx(we choose 7 as it included the fix and other fixes as its incremental). This seems to have fixed the OOM issue, ...

Log Forwarding - Traffic Works, Others Do Not

I have to be missing something simple, for forwarding logs to a collection server. I can get the traffic logs, no issues, but all the other logs, will not send (Threat, Wildfire...). Do the other logs need some kind of special forwarding, or permissions in the OS? I have all the log types set in one section of the Objects->Log Forward, i am a...

Block the Teamviewer connection from outside to a specific computer

Hello! Is it possible to block a user from using Teamviewer whether he or she is on a personal laptop or mobile device using the Teamviewer app to remote/connect to a specific computer inside the corp network? HR has asked to block any outside connection so the end-user cannot use any more Teamviewer from the outside world to remote to a specifi...

FreddyC by L1 Bithead
  • 4312 Views
  • 3 replies
  • 0 Likes

Resolved! IPSec setup with certificate

what are the steps to configure certificate based IPSEC. Do we have step by step document to configure OR the use of certificates for IPSec. and what are the steps to troubleshoot Phase1 / 2 for the same?

Terminal Services Agent allocates ports outside the defined port range

Hi, I have the problem, that the Terminal Services Agent sometimes allocates ports to users that are out of their port range.That leads to the usage of wrong security polices. For example for one user I configured 22800-22999 as the port range.That user is not allowed to download certain files.Now sometimes the user gets port 58729 allocated and...

GlobalProtect not allowing internet access when Parallels or Docker are running

MacOS installed: macOS Sonoma 14.5 latest GlobalProtect client installed: 6.0.7-372 Parallels Desktop: 18.2.0 (53488) As the post title says, when Parallels or Docker are running, our GP isn't allowing network access (myself and others are having similar issues, I don't run Docker locally personally, so I didn't put a version number, but inclu...

User-ID Agent Connected Status Shows Red

This is a PSA for anyone having issues connecting/ setting up the User-ID Agent program on a Windows server.After installing the correct User-ID Agent from Paloalto's support site, you need to make sure you've set correct security/ access settings for the user you will bind to the agent. I found these instructions pretty easy to follow.https://k...

Unable to add AD group to Group Include List

System logs showing error: User Group Count of 'xxxx' Exceeds Threshold of 1000. I am trying to shrink the group numbers by using specific user group. Issues: 1. on Panorama template setting, there is no option to select the user group, pls refer to attached screenshot. 2. On firewall local device, i tried to configure configure by override fr...

After upgradation no traffic flow between DMZ to WAN

Hi Team, I hope you are doing well. One of our customers is attempting to upgrade their PAN-OS version from 11.0.4-h1 to a higher version, as the 11.0 version is nearing its end-of-life. The issue encountered is that whenever we upgrade beyond version 11.0.4-h1, communication between the DMZ and WAN zones is lost. Specifically, after the u...

Error deleting custom URL categories?

I created a custom URL category and then tried to delete it and got this on the validate, any ideas please? Operation ValidateStatus FailedDetails member corp-blocking-exclusions is an invalid referenceInvalid blockInvalid url-filtering corp defaultInvalid url-filteringInvalid profilesInvalid vsys vsys1Invalid vsysInvalid configurat...

Panorama and firewall upgrades schedule

Have a question related to the upgrades; Can i schedule the Panorama software upgrade ? Also , can i schedule the Managed firewall upgrades through Panorama ? I see schedule option for App and threat updates but not for PanOS images

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks