This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Resolved! Failed Install dynamic update

Good Morning, Last week, one of our Firewall had a power failure, after recovering, we have seen that dynamic updates are downloaded but not installed correctly I have reviewed the "less mp-log ms.log" file and you see the error is as follows: rpmdb: Program version 4.3 doesn't match environment versionerror: db4 error(-30974) from dbenv->ope...

Captura.jpg

Resolved! autolock

It was recommended that we turn on autolock so that people would not step on each other commits so we did. We had a non admin user create a filter, it requites a commit and he has no admin rights to commit. So the firewall became locked and no one could commit the change - anyone run into this before? If you have how did you deal with it. We hav...

jdprovine by L4 Transporter
  • 4738 Views
  • 5 replies
  • 0 Likes

Nodes polling error

Hello somewho have an idea? Installed Minemeld on an fresh Ubuntu 14.0.4 like the manual installation guide. Import the Office365 configuration All Nodes got an SSL Error message see below 2017-04-19T12:45:54 (22890)basepoller.hup INFO: office365_O365 - hup received, force polling2017-04-19T12:45:54 (22890)basepoller._huppable_wait INFO: hup ...

Resolved! How does URL Filtering Works

Hi Guys, I have slight confusion about the working of URL filtering i.e once u define the URL Filtering Profile on any rule how does the URL or any website gets catogorised,i mean how does the PA knows that this website belongs to this category. I know that there is a download of URL filtering DB from PA periodically,so is it the a particular we...

mahmoodm by L3 Networker
  • 5997 Views
  • 5 replies
  • 0 Likes

User activity Report

Hello allis it possible to put timestamp in user activity report for chronology?I am checking the Including detailed browsing but i can not see in the report which user or group of users at what time went into some resource

Radmin_85 by L4 Transporter
  • 1802 Views
  • 1 replies
  • 0 Likes

Firewall working as proxy for mail server

I have customer using TMG holding public ssl certificate for mail . The mail server doesnt have ssl certifcate.Customer wants to eliminate TMG and using palo. Can palo hold the cert to authenticate the ssl . Mail serversits behind the palo in trust zone.So customer will login to https://customer_mail.com. which has public of the palo. Palo holds...

Global Protect - two portals same firewall

Hello all, Here is my question. Can I configure on the same firewall one global protect profile to only authenticate users based on certificates and a separate profile to authenticate users based on their AD credentials? Currently I have authentication working with AD but I want to create a separate profile for certificate authentication. Each p...

Resolved! Global Protect with multiple portals

Is it possible to have more than 1 Global Protect portal and gateway on a single appliance? We use tunnel all mode with a route of 0.0.0.0/0 for all of our users. However today a vendors need access but want to use their own systems at the same time. In this case I would not want to tunnel everything, only our private subnet.

nthen by L3 Networker
  • 8821 Views
  • 4 replies
  • 2 Likes

OCSP App-ID fail

Hello,is anyone using ocsp as single app in a rule ? It's sometimes failing to match, seen as "web-browsing" although on very easy to recognize URLs such as ocsp.comodoca.com. Quite annoying when you debug a third-party software failing to setup because of this but only mentionning "cert chain failed".App version 752-4343 on v8.0.5.thanks !

In VSYS vsys1 from zone inside of type layer3 and to zone MPLS of type unknown are incompatible

Hi Guys I have created a new parant Device group that contains shared rules for sub device groups under it. The rulease are zone specific and this is where the problem comes in, I get the error below when commiting to specific device. Last Push State DetailsDetails:. In VSYS vsys1 from zone inside of type layer3 and to zone MPLS of type unknown...

Resolved! Minemeld missing new O365 web

Hi, We have installed PA with Minemeld. Everything is working fine but sometimes we can not access to any function in O365 online (for example "to create a new word cocument"), so we go to PA and we see that in URL logs that PA is blocking this web. So we go to minemeld and we dont see ths new web. So we have to add this web in "allow list" in...

Resolved! PAN-DB download failed. Please check your network connectivity, DNS settings, and NTP settings.

Hi,have a PA200 Updatet from 6.1.x to 7.0.1 and now i get ther error PAN-DB download failed. Please check your network connectivity, DNS settings, and NTP settings. This comes when i will reactivate the PAN-DB licenses because there i no downlaod "Cloud is not ready, There was no update from the cloud in the last 125 minutes. ". I found this hel...

Resolved! Query on URL filtering

Hello, We are using this Security Policy:Source->Inside, User->any, Destination->any, Application->any, Service/URL category->any, Action->allow.We are using Group Profile under Profile Setting with a URL Filtering Profile 'test-URL'.In this URL Filtering profile, we have blocked the categories: gambling, weapons, etc. and allo...

Farzana by L4 Transporter
  • 3723 Views
  • 2 replies
  • 0 Likes

QoS statistics Graphic monitoring Issue

Hello, Using PAN-OS 6.1.17. At first, Bandwidth graph was not showing in both Chrome and IE. The only change I made was adding all the classes into the QOS profile. The classes that were in use by QOS were already showing up in the other statistics tabs before I added them to the profile, so I assumed that they were only required to be added to ...

Farzana by L4 Transporter
  • 4109 Views
  • 4 replies
  • 0 Likes

When are we getting a GlobalProtect Client for Linux

Hey guys, I already know how to get my Linux clients (Ubuntu) to connect via xAuth, and it works great. However, I've been tasked with implementing MFA to the VPN infrastructure. Works fine for the Windows/Mac clients using the GlobalProtect Client. However, my Linux clients can't connect because they never receive a prompt to enter their token....

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks