This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Office 365 Powershell Decryption Error

I'm testing decryption on our PA-3020 and have found my Office 365 Powershell licensing script is failing to connect with the following error message: New-PSSession : [ps.outlook.com] Connecting to remote server ps.outlook.com failed with the following error message :WS-Management cannot process the request. The operation failed because of an HT...

OID for PA 850

Hi Team please advise if there is any link to refer for IOD for PA 850 , the below link shows information for OID of all the models but not for PA 850 https://live.paloaltonetworks.com/t5/Management-Articles/SNMP-for-Monitoring-Palo-Alto-Networks-Devices/ta-p/61052

Rameshwar by L3 Networker
  • 2719 Views
  • 1 replies
  • 0 Likes

Resolved! No of User ID agents for HQ and sites

Hi All My network topology is like I have HQ with PA-7050 firewall and 3 domain controllers in HQ. I have 22 branches with local domain controller in each branch and firewall is PA-3050. Now I want to deploy user-ID agent, In my scenario what is the best way to deploy user-ID agents. I am thinking below: - Deploy one user-ID agent (with backup) ...

using HTTPS external dynamic lists

Dear All, We are using the version 7.1 and would like to use HTTPS external dynamic lists.But it doesn't seem to work. Is there any additiontal required config to enable this? I believe it requires a username and password for list access from the version 8 but no idea how it works in the version 7.https://www.paloaltonetworks.com/documentation/8...

Bomi by L1 Bithead
  • 2468 Views
  • 2 replies
  • 0 Likes

Resolved! Same vulnerability profile for dns and web servers security policies

Hi I am wondering, firewall does not have the option to make vulnerability protection profiles based on signature categories like vulnerability signatures for dns server and web server and then used them in security policies realted to dns only or web server only. in firewall, I can see I have just only one vulnerability protection profile and u...

nat-t not enabled on vpn tunnel has impact on other tunnels

i just had a weird behavior. i have several ipsec tunnels for clients using the ncp secure entry client.they all have tunnels configured with certificates and a dynamic peer ip. yesterday i created two new tunnels but forgot to check the nat-t checkbox. and some of the users couldn't get a connection via rdp. my understanding was that it shouldn...

VARNObit by L0 Member
  • 3708 Views
  • 2 replies
  • 0 Likes

Normal behavior of LACP in passive/active HA setup.

Hi, I would just like to verify the normal behavior of LACP in an Active/Passive HA setting. Currently we have a pair of PA-3060 running 6.1.10 in active/passive. Both devices have LACP bundles towards a Cisco router.On the active firewall the LACP negotiates properly but on the passive firewall the interfaces shows up but doesnt negotiate the L...

Timeout value of user-ID log

We are using ldap authentication and globalprotect.In the above picture, the timeout value continues to be 2592000 and 0 time out 2952000 and 0 , what does that mean? Why does it look like above? Please let me know.

image.png
jskang by L1 Bithead
  • 4873 Views
  • 1 replies
  • 0 Likes

NAT and security policies

Hi all. I am trying to setup a ADFS environment in our network. The actual ADFS server is located in the internal LAN, and the ADFS Web Application proxy is reside in the DMZ; internal LAN and DMZ is in a different VLAN. The goal is to send user authentications (orginiated from the Internet) to the ADFS web application proxy, and from there i...

EDLs

Can we group EDLs?Once the url is fetched and content is read by the firewall and later the url is deleted, does firewall keep the cache of contents?can firewall detect redundant entries?

Manage client SSL VPN use

Hi PAN Community, I work for a school and we have issues with student VPN use - specifically x-vpn, hotspot shield etc. We have rules in place that take care of the proxies and standard VPN applications and have SSL decryption and URL blocks in place for stuff we don't want students to access ie, pornography. I found the following reddit post wh...

New VM-100 throws error at commit

HiWe have imported a config from a PA500 into a newly installed VM-100 v8.1 (under vmware). After having done some VLAN changes to interfaces, we suddenly started to get the below error message when committing: Can someone point us in the correct direction to look for the culprit..? Thanks a lot 🙂 regards Tor

Commit.jpg

Resolved! content update

I have this question and cannot find the answer from the online training: Which type of content update does NOT have to be scheduled for download on the firewall? I think it is PAN-DB updates but I just need to make sure.

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks