This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4262 Views
  • 0 replies
  • 0 Likes

Resolved! PBR forwarding does not work

For the first time I configured a Palo Alto firewall.I have created three zones each connected with a specific interface:INTERNEXTERNDMZ For each zone I created a virtuel router each configured with static routes :Intern:DMZ -> Interface DMZDmz:EXTERN -> Interface EXTERNINTERN -> Interface INTERNExtern0.0.0.0 0.0.0.0 -> IP ISP Router...

ZEBIT by L3 Networker
  • 7125 Views
  • 7 replies
  • 0 Likes

Pro active monitoring for routing table

Hello, We have faced problem where routing table is full and we had an outage where customer were unable to access Internet for specific sites. We asked for syslog or SNMP traps on it but we received as of now, there is no provision to monitor it. We would like to add this as a feature request to have monitoring for routing in place. Reg...

OpenVPN to a server behind PA

I have a dest NAT setup with port translation thus:untrust untrust public IP tcp 443 > private IP tcp 1194 Policy set asuntrust trust any src to public IP for 443. The NAT works fine, but I see aged-out on the traffic monitor, and no traffic at all on wireshark on my PA > Server LAN. Am I missing something?

Resolved! Problem with Panorama shared context

Hi, I am currently migrating our firewalls to Panorama and have a problem with shared settings.Every Panorama commit shows me Warning: Disabled applications in shared: intercall google-spaces-base google-spaces-posting zenefits gitlab-base gitlab-uploading jumpshare-base jumpshare-uploading xfinity-tv newton-mail cylance directv ms-teams quip fi...

linhartj by L0 Member
  • 7180 Views
  • 2 replies
  • 0 Likes

GlobalProtect Users appear on GUI and not on CLI

PANOS 8.0.5Current connected GlobalProtect Users appear on GUI by “Monitor/User-ID/Source-type=globalprotect” and not appear on CLI "show user ip-user-mapping all type GP”: the record is not absolutely present.On PANOS 7.1 the CLI command "show user ip-user-mapping all type GP” shows the current connected users. LA

Aiace by L1 Bithead
  • 3155 Views
  • 1 replies
  • 0 Likes

File minemeld-web.conf doesn`t exist

I`m looking for file minemeld-web.conf into /etc/nginx/sites-available/minemeld-web.conf directory but it doesnt exist, there`s only default file. I need to change HTTPS services to HTTP I installed the super fast setup from the site https://live.paloaltonetworks.com/t5/MineMeld-Articles/Running-MineMeld-on-VMWare-desktop/ta-p/72038 Greetings

vhgambit by L1 Bithead
  • 3676 Views
  • 1 replies
  • 0 Likes

Resolved! OpenConnect client with a Global Protect plugin

Hello, We found that only 1 factor authentication is required when connecting to the VPN using OpenConnect client with a Global Protect plugin, it appears that it bypasses the portal authentication and only requires the gateway authentication. We have X-Auth disabled, and cannot restrict connections by Linux OS. Currently our portal is configur...

Farzana by L4 Transporter
  • 25490 Views
  • 2 replies
  • 1 Likes

Licence NFR PaloAlto

Hello I just receive my PA-850, i made the registration of the device in support section, but after this registration, i can't see the licences for the new device :Threat PreventionBrightCloud URL FilteringPAN-DB URL FilteringGlobalProtect GatewayGlobalProtect PortalPA-VMPremium SupportWildFire Licensethose licenes are inclued in NFR licence ? i...

nfr palo.jpg

Resolved! Log Forwarding for Flood event

I'm familiar with the process of setting up a log forwarding profile and attaching it to a security rule. But how would this work for alerting on a flood event? In a flood the attacker IP is 0.0.0.0 and the victim IP is 0.0.0.0. This won't match any of our rules.

Global Protect on macs using active directory logins

Hi We use ad accounts for users to login to the macs (arrange of MacOS versions), but from a certain day we been told that users need to use global protect to VPN in our sister company to use certain resources, mainly email. Once global protect is on and connected, if the users screen saver kicks in.. the machine will no longer verify their user...

slinxy by L0 Member
  • 1941 Views
  • 1 replies
  • 0 Likes

Resolved! User-ID Agent - Failed to validate client certificate

Hi, I am running a v6.0 Palo virtual firewall and trying to connect to a user-id agent on a Windows 2k8r2 server. I am running version 8.0.4-5 of the UID agent. I have configured as per all documentation however I am getting the following log messages popping up in the agent software: Failed to validate client certificate, thread : 1, 1-0! If I ...

Application Risk level

What happens when you change an application risk number from a 5 to a 1? Does this just change the read out of your risk level or does it change the way the firewall acts on the application?

jdprovine by L4 Transporter
  • 5284 Views
  • 4 replies
  • 0 Likes

Schedules expired

Hi Community I see when the schedule policy has expired the rule continue as a enable rule but It doesn´t work because the rule has expired,Can you tell me how I can find the expired schedules?, is it possible to configure somehow when the rule has expired appear as a disable rule? Regards

ftrimino by L0 Member
  • 4443 Views
  • 3 replies
  • 0 Likes

Blocking Bittorrent

Hi Everyone, Is there a way to limit the sessions on bittorrent with Palo Alto ? You can only enable a session limiter based on a service, but not on an application i think? Anyone has some suggestions ? Goal-> Limit bittorrent traffic. Users must be still able to download via bittorrent but the experience should be limited. Kind Re...

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks