This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1811 Views
  • 0 replies
  • 0 Likes

Resolved! LDAP group member enumeration problem

I am running PAN OS 8.0.7 and having a problem with getting the members of a group enumerated by the firewall.

 

The group is shown by the firewall in the GUI and can be added to security policies, and the CLI if I run the "show user group list" comman

...

rbentley by L0 Member
  • 4106 Views
  • 1 replies
  • 0 Likes

Strange packet drop

Hello guys,

 

I have a PA820 in active/passive mode who has a strange behaviour. I have created a rule that permits that traffic but the device drops it. I see "allow"in the logs, but with a capture I can clearly see the SYN in the dropped section and

...

PA_log_forum.png
PA_rule_forum.png
Shye80 by L1 Bithead
  • 2418 Views
  • 2 replies
  • 0 Likes

Any issues not documented on version 8.0.6?

Hello Community,

Since the security advisories were released yesterday, we are looking to upgrade to the newer version. Has anyone experienced any issues with 8.0.6 from 8.0.5 that are not in the release notes?

 

 https://securityadvisories.paloaltonetw

...

Resolved! TEST VM-500 on ESXi Deployment

Dear Community,

 

I hope you are doing alright.

We are in process of renewing our firewalls and I would like to test-deploy latest version of the Palo Alto VM-Series 500 on VMware vSphere Hypervisor (ESXi).

 

Could you please let me know how I can the fol

...

Resolved! PA cluster certificate missing

Hi,

 

We have two devices in HA, we realized that active node has a certificate (captive portal) but the passive not. The configs are synchronized but the passive doesnt have this certificate. We tried to export this certificate from node active and im

...

Resolved! ROBOT attack - some advice needed

Hello

 

According to https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/PAN-OS-exposure-to-ROBOT-attack/ta-p/192397

For complete protection, signature #38407 must be applied upstream from any interfaces implementing SSL Decryption, or ho

...

_slv_ by L4 Transporter
  • 6606 Views
  • 5 replies
  • 0 Likes

Edge Firewall Design

I am trying to design the edge firewall and core network currently and I have a core Layer not in a "stack" or "VSS" so they are independent Core switches. They are doing the routing to the private WAN, and will be doing the routing to the Edge Firew

...

UserID and VPN

Is it necessary to have userid enabled on the VPN zone interfaces to see the userids?

jdprovine by L4 Transporter
  • 3388 Views
  • 8 replies
  • 0 Likes

Trust and Untrust on same interface

I am pretty new to the Palo Alto's so I have a questions that will be pretty easy to answer.

 

I am setting up a PA-820 in Virtual Wire and we have both Trusted and Untrusted networks on the same interface from the router.  The External interface is th

...

Default cursor location on GlobalProtect iOS login

Is there a place to report issues? On GlobalProtect forIOS, you can save your default username for your VPN, and the app pre-populates the field, however it leaves the cursor in the username field. It should, however, start in the password field. It ...

wseguin by L0 Member
  • 2466 Views
  • 3 replies
  • 0 Likes

Resolved! Does globalprotect detect roaming between networks?

Dear Community, 

 

I´d like to check with you regarding the following globalprotect scenario:

 

I´m connected with my laptop to the LTE mobile network to be outside and I´m connected to the external gateway, when I connect to the wifi network... Is it po

...

Carracido by L3 Networker
  • 3397 Views
  • 2 replies
  • 0 Likes

Failover IPsec VPN with Dual ISP

There are serveral resource available for Dual ISP and with Failover VPN on Live community such as https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-a-Palo-Alto-Networks-Firewall-with-Dual-ISPs/ta-p/59774 . But here are sti

...

Ch.Ratha by L1 Bithead
  • 11127 Views
  • 5 replies
  • 0 Likes

Resolved! Determine IPSec tunnel performance?

Hi folks,

 

We have several IPSec tunnels, but only one is complaining of poor performance using a specific application that the tunnel is meant for.  Management asking for firewall stats to prove if it is related to IPSec tunnel/firewall performance i

...

OMatlock by L4 Transporter
  • 9819 Views
  • 5 replies
  • 0 Likes
  • 24241 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks