This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Global Protect not using new DNS servers

Greetings!We recently migrated to a new DNS server in our internal network; With this, we also updated the configurations on the firewall configuration, and on the GP setup to reflect this. We have the PAN giving IP's to GP clients directly (not relayed), and whenever someone connects to the FW, they are getting the old DNS servers, not the new ...

TAXII or STIX generic miners?

Is it possible to have TAXII or STIX generic miners for internal custom feeds? We are exploring the data sharing between different vendors for our internal environment and instead of waiting for the vendor to come up with the integration, rely on external standard feed. If yes then how? Thanks in advance!

Resolved! Connection aborted error when 'running' miner job

I'm seeing error indicators for 3/4Miner nodes. The error is ('Connection aborted.', gaierror(-2, 'Name or service not known')) I would suspect this is not desireable and would like some direction how to fix that? This is a new installation which has been handed over to me so it's basically an out of the box configuration. I see that ther...

Miner.PNG

GlobalProtect Data File will not install

Greetings, I upgraded to PAN-OS 8.1 / GP 4.1 in order to take advantage of the new interface. This is a new deployment and I didn't want to roll out the old interface to the users. Everything went smoothly except for HIP/OPSWAT v4. I followed the instructions...but every time one of my firewalls ( i have three) tries to update the data file I ...

Resolved! Query on multi Gateway in GP

Hello, We are running PAN-OS 8.0.7 and require a second external gateway to connect a POS server (which can run the GlobalProtect client fine). The configuration has been done and the client successfully authenticates but for some reason the Agent configuration which would instruct the client to connect to the POS gateway is not being selected -...

Farzana by L4 Transporter
  • 3486 Views
  • 3 replies
  • 0 Likes

GlobalProtect connection error "Could not connect to portal"

Hello, We have 1 colleague is facing VPN connection issue, the VPN client is 4.0.3, PA OS is 8.0.3. His certificates is valid and his colleague's VPN is working well, the same domain, the same VPN client version. From his PC, is able to resolve the FQDN of portal. When he opens portal from broswer, his is able to download the agent after input A...

qd_056 by L2 Linker
  • 10419 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect with MFA/Dual Authentication

I've been looking up and down and can't seem to find a solution. I'm trying to authenticate to the GlobalProtect gateway or portal via Radius (which is tied back to AD) then to DUO for MFA. The user should point to the portal/gateway, receive a username/password prompt, authenticate via Radius, then receive a text message from DUO (or call) and ...

How to Block specific HTTPS Sites?

Hello, I'm struggling to block some internal https sites. I have to block various sites/urls of a server from a specific zone, while I have to keep some others open The urls look like:https://servername.suff.dom:8443/aaa/bbb/ccc/ddd/eeeee_ff_application1 Now I have to block application1 to application 4, while keeping 5 to xx open. Btw I dont kn...

PhLang by L1 Bithead
  • 3510 Views
  • 5 replies
  • 0 Likes

Replacing PA500 with PA220

Currently have a PA500 (in virtual wire mode). Ordered a replacement PA220. I followed the instructions on connecting to the new unit and assigning a new IP address. It too is in Virtual wire mode. I need to understand how to transfer my configuration to the new unit. Also need to understand how to connect the device to the production network wi...

jharlow by L3 Networker
  • 3648 Views
  • 3 replies
  • 0 Likes

Authentication Tab Error

Hi After upgrading to 8.1 version, I can not see the Authentication and User-ID tabsthis happens only with my user authentication tab

Screenshot_1.png
Frazão by L1 Bithead
  • 2157 Views
  • 1 replies
  • 0 Likes

Managed devices list export

I thought this would be something easy to look up and preform but I am obviously to optimistic. What I would like to do is export a CSV or txt file with all the managed devices out of Panorama with thier device name, model, OS Version #, HA status, Management IP, serial number. I can get all the information from the GUI under Panorama -> Ma...

vseward by L1 Bithead
  • 5130 Views
  • 4 replies
  • 1 Likes

Resolved! Disable User-ID Syslog messages

I get litterally millions of the syslog messages below (different users), and I think that they have to do with the user-id agent or user identification in someway. Currently I am logging absolutely everything to a syslog server that pumps it all over to a SoC. I would like to disable these syslog messages. Does anyone have any ideas on this?...

DIRTT by L2 Linker
  • 3355 Views
  • 2 replies
  • 0 Likes

ssl err_cert_authority_invalid

Hello I have added our selfsign SSL that we generated from a windows CA server for our district. When I add it to the firewall under the Device Cert and use it for the forward trust I am getting this error ssl err_cert_authority_invalid I am not sure what could be causing this error Unless it is caused by the fact the domain is not listed in t...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks