This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4466 Views
  • 0 replies
  • 0 Likes

Resolved! Captive Portal settings

I am running Palo Alto Pan OS version 7.1.11 and need to adjust my captive portal settings. How do I disable or bypass the captive portal for particular networks. I have a guest network that I do not want any authentation and need to make sure the user is not bothered by a pesky captive portal logon.. Thanks

rmsdip3 by L1 Bithead
  • 4464 Views
  • 4 replies
  • 0 Likes

How to limit application or rule sessions

Hello. Let's going to say that I have the following scenario: - 1 remote server where can be connected just two users at the same time- Group of 3 users (Group 1 => user1, user2, user3)- Group of 3 users (Group2 => user4, user5, user6) I would like to allow just one user of each group at the same time, to do it I checked application overr...

m.molina by L1 Bithead
  • 2713 Views
  • 1 replies
  • 0 Likes

Resolved! FW's Not connected to M100, SSL failed to connect to panorama

We are on a test network with one Panorama m100 and two PA-5020s that are at 6.1.7 (there are reasons). they have not been modified lately but are showing disconnected after an attempted push. They show In Sync, for Shared Policy. Out of sync for templates. Last commit status is not connected. They were/are not an HA pair When i have tried the ...

Dataplane under severe load - Log entries

I see occasional "Dataplane under severe load" log entries. It is now occurring most days, sometimes a few times a day. Our monitoring system never shows the CPU average over 30% so whenever it happens it is apparently very brief. I also have never noticed any particular issues that correspond with these events. The events usually occur far ...

dp high load.PNG
Demast by L2 Linker
  • 4957 Views
  • 3 replies
  • 0 Likes

Resolved! How much hardware can I assign to the Virtual Firewall?

Hello, everybody. I want to acquire the VM-300 virtual firewall which is equal to the VM-1000-HV, for KVM. I do not wonder what the minimum requirements are. I wonder how much is the maximum I can assign from Memory Ram and Cores to this virtual firewall? Greetings and thank you for your help.

javihere by L1 Bithead
  • 2377 Views
  • 1 replies
  • 0 Likes

Stop web browsing to ssl

The external IP of our WiFi controller requires 443 to be open to the internet, so we have this open on our inbound rule>external IP of the controller. 443 needs to be open but we don't want this to be accessible via a web browser - as currently this rule allows the external IP to be accessed via https. Is there a way of stopping this behavi...

Resolved! Schedule a rollback to last known good configuration

Hi all, Is it possible to rollback to 'last known good' configuration, or even previously running config. Say for example I make some changes and issue a commit, then subsequently lose connectivity. Is there a mechanism to schedule a rollback to previously running config after say 5minutes?. Many thanksAjaz NawazJNCIE-SEC No. 254CCIE-RS No. 15721

nawaza by L2 Linker
  • 7736 Views
  • 6 replies
  • 0 Likes

RTP and RTCP traffic jumping rule

Hi, We have created a rule for Voice IP. Zone A to Zone B / Application RTP - RTCP / Service ANY / PERMIT So all the voice RTP connections should matched in the previous rule, but we are seeing connections which should be matched the previous rule but its matching in this rule: Zone A to Zone B / ANY / ANY / PERMIT Its like some connections are ...

Upgrade traps

Hi, Any advice about upgrading traps from 3.4 to 4.0?? can i install directly 4.0.4???We have an external database. 3 Cores, 2 Console. Any order to do this upgrade or procedure???thanks

Resolved! Failed commiting config from Panorama

Hi, We have a Panorama with several FWs managed. We commited the config but in one of these FWs was failed.Looking in panorama we see that this device is out of sync (in templates and shred policy). how can i force this commit?? or to have any reason for this fail??. I dont see any error or how to investigate....

Integrate with MISP

Hi all, Do you know something sample about integration with MISP (Malware Information share platform)??? So another question is about scripts, can I launch a script into conifg a new prototype? If I've created a new prototype I set a url option...can I set the url option for script option???? Thanks a lot

SantiBT by L2 Linker
  • 23115 Views
  • 19 replies
  • 0 Likes

Ignore all Computers from xmlapi mappings

Hi Everyone,I am trying to intergrate clearpass with Palo alto using xlampi, all was going well however i struck a problemIn clearpass i have two types of users that are autheticating, domain joined machines (which authenticate using "compute authentication" and i also have byod users that authenticate using user based ad authetication.so when a...

Resolved! Troubleshooting SSL decryption failure of a website

Hello. We are using panOS 8.0.7 , Pan-DB URL filtering, and SSL decryption. We are K12 education and use many Chromebooks in the organization. We are trying to use a system called Clever to have our students log into their Chromebooks by scanning a QR code. The problem is I cannot get the program to work. (https://clever.com/) I know the issue ...

dannon by L3 Networker
  • 12368 Views
  • 10 replies
  • 1 Likes

Clear Policies, Rules, Configuration without Factory Reset

Hello Community, Can someone please let me know if its possible to clear the PA-VM of all Security Policie, NAT rules, configuration, logs etc without issuing the command: request system private-data-reset This command requires that I re-install the license when all I want to do is clear the configuration etc. Thank you

Resolved! GlobalProtect client issues with Windows Hello login - Windows 10

Hi all, we've recently started using GlobalProtect but when using the client on my devices I've noticed an old issue that I first saw quite a while back during testing, wondering if anyone else has experienced it or has a fix? I run Windows 10 (1709) on my laptop using fingerprint login via Windows Hello. The functionality worked reliably until ...

hcnsgxs by L0 Member
  • 17851 Views
  • 4 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks