This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

The FW Can not match User based Rule when users were changed IP in using GP internal Gateway.

My customer uses GP Internal Gateway with a non-Tunnel mode.It means it uses just only user authentication and enforces user-based rules. I am facing an issue .A user was connected to GP Internal GW in office 1F and successed authentication.The FW was updated A user has 192.168.1.1 from GP.The user moves to 2F and changed IP from 192.168.1.1 to...

how to write a simple miner documentation

Hi there, I'm a new user, so hopefully this is a simple question. I installed minemeld via source code on ubuntu 14.04 using the instructions on this page : https://github.com/PaloAltoNetworks/minemeld-ansible The installation went smoothly and there were no errors. I then went through the exercise of writing a test miner using these ...

vb0398 by L2 Linker
  • 16596 Views
  • 18 replies
  • 0 Likes

Resolved! PBR forwarding does not work

For the first time I configured a Palo Alto firewall.I have created three zones each connected with a specific interface:INTERNEXTERNDMZ For each zone I created a virtuel router each configured with static routes :Intern:DMZ -> Interface DMZDmz:EXTERN -> Interface EXTERNINTERN -> Interface INTERNExtern0.0.0.0 0.0.0.0 -> IP ISP Router...

ZEBIT by L3 Networker
  • 6963 Views
  • 7 replies
  • 0 Likes

Pro active monitoring for routing table

Hello, We have faced problem where routing table is full and we had an outage where customer were unable to access Internet for specific sites. We asked for syslog or SNMP traps on it but we received as of now, there is no provision to monitor it. We would like to add this as a feature request to have monitoring for routing in place. Reg...

OpenVPN to a server behind PA

I have a dest NAT setup with port translation thus:untrust untrust public IP tcp 443 > private IP tcp 1194 Policy set asuntrust trust any src to public IP for 443. The NAT works fine, but I see aged-out on the traffic monitor, and no traffic at all on wireshark on my PA > Server LAN. Am I missing something?

Resolved! Problem with Panorama shared context

Hi, I am currently migrating our firewalls to Panorama and have a problem with shared settings.Every Panorama commit shows me Warning: Disabled applications in shared: intercall google-spaces-base google-spaces-posting zenefits gitlab-base gitlab-uploading jumpshare-base jumpshare-uploading xfinity-tv newton-mail cylance directv ms-teams quip fi...

linhartj by L0 Member
  • 7103 Views
  • 2 replies
  • 0 Likes

GlobalProtect Users appear on GUI and not on CLI

PANOS 8.0.5Current connected GlobalProtect Users appear on GUI by “Monitor/User-ID/Source-type=globalprotect” and not appear on CLI "show user ip-user-mapping all type GP”: the record is not absolutely present.On PANOS 7.1 the CLI command "show user ip-user-mapping all type GP” shows the current connected users. LA

Aiace by L1 Bithead
  • 3113 Views
  • 1 replies
  • 0 Likes

File minemeld-web.conf doesn`t exist

I`m looking for file minemeld-web.conf into /etc/nginx/sites-available/minemeld-web.conf directory but it doesnt exist, there`s only default file. I need to change HTTPS services to HTTP I installed the super fast setup from the site https://live.paloaltonetworks.com/t5/MineMeld-Articles/Running-MineMeld-on-VMWare-desktop/ta-p/72038 Greetings

vhgambit by L1 Bithead
  • 3628 Views
  • 1 replies
  • 0 Likes

Resolved! OpenConnect client with a Global Protect plugin

Hello, We found that only 1 factor authentication is required when connecting to the VPN using OpenConnect client with a Global Protect plugin, it appears that it bypasses the portal authentication and only requires the gateway authentication. We have X-Auth disabled, and cannot restrict connections by Linux OS. Currently our portal is configur...

Farzana by L4 Transporter
  • 25090 Views
  • 2 replies
  • 1 Likes

Licence NFR PaloAlto

Hello I just receive my PA-850, i made the registration of the device in support section, but after this registration, i can't see the licences for the new device :Threat PreventionBrightCloud URL FilteringPAN-DB URL FilteringGlobalProtect GatewayGlobalProtect PortalPA-VMPremium SupportWildFire Licensethose licenes are inclued in NFR licence ? i...

nfr palo.jpg

Resolved! Log Forwarding for Flood event

I'm familiar with the process of setting up a log forwarding profile and attaching it to a security rule. But how would this work for alerting on a flood event? In a flood the attacker IP is 0.0.0.0 and the victim IP is 0.0.0.0. This won't match any of our rules.

Global Protect on macs using active directory logins

Hi We use ad accounts for users to login to the macs (arrange of MacOS versions), but from a certain day we been told that users need to use global protect to VPN in our sister company to use certain resources, mainly email. Once global protect is on and connected, if the users screen saver kicks in.. the machine will no longer verify their user...

slinxy by L0 Member
  • 1912 Views
  • 1 replies
  • 0 Likes

Resolved! User-ID Agent - Failed to validate client certificate

Hi, I am running a v6.0 Palo virtual firewall and trying to connect to a user-id agent on a Windows 2k8r2 server. I am running version 8.0.4-5 of the UID agent. I have configured as per all documentation however I am getting the following log messages popping up in the agent software: Failed to validate client certificate, thread : 1, 1-0! If I ...

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks