This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1183 Views
  • 0 replies
  • 0 Likes

Minemeld administrator rights

Hello,

 

I found how to add a new administrator. But I want this new administrator to get only read access on everything and write access on a miner - in order to add indicators (IPv4 and URL) on it.

 

Do you know if it is possible ? and how ?

 

 

 

GVN2022 by L0 Member
  • 5413 Views
  • 2 replies
  • 0 Likes

SSL Decryption

Hello,

 

I have a PA-VM running on a ESX server.

I want to set up SSL Decryption on it using a SUBCA certificate chain signed by a PKI (windows server).

I check boxes "Forward to trust/untrusted certifcate"

I export the SUBCA to store it on a client machi

...

Incorrect GeoIP location

Hi,
 
It came to my attention that our IP address: 94.23.154.203 according to paloalto geo database appears as it is located in Russian Federation, whereas RIPE and ARIN, NIC, maxmind and others state correctly it is a United Kingdom based IP address.
T
...

pablo77 by L1 Bithead
  • 8364 Views
  • 8 replies
  • 0 Likes

Resolved! IPSec VPN Tunnel - Tunnel interface IP address use?

Hi folks,

 

I am being asked to setup a new IPSec VPN Tunnel and one of the questions from their "worksheet" is what our Tunnel interface IP address is.

 

We have several IPSec VPN tunnels, each with their respective Tunnel Interface assigned.  Most of t

...

OMatlock by L4 Transporter
  • 10900 Views
  • 1 replies
  • 1 Likes

Security policies & Schedules.

Hello,

 

Just a quick question.  Unsure if this has been asked previously. 

 

When applying a non-reoccuring schedule to a security policy,  I have noticed in pan 8.0.x, once the schedule has expired, the policy in the security policy view does not ident

...

mtizani by L1 Bithead
  • 2953 Views
  • 3 replies
  • 0 Likes

Resolved! Maximum number of rule per vsys ?

Hi,

 

I would like to clarify the maximum number of rule/policies per vsys in PA 5220. As I noticed that 5220 supported up to 20k rulea per device.  So, is there any limit of rule per vsys?

 

https://live.paloaltonetworks.com/t5/Learning-Articles/What-is

...

Resolved! Intra-Zone Source (dynamic) NAT

Guest network (10.10.10.0/24) is in Outside zone & Internet link (11.11.11.11/24) is also in same zone.
Guests need to browse internet (say google.com)

My question is about intra-zone source NAT/PAT!

Guest, who is the source of the traffic; requires tra...

Site-to-Site VPN random issue

I have Site A setup with a site-to-site VPN with Site B.  Site A contains all the resources (DC, email, fileserver, etc). The firewall in site B is configured as DHCP for the local clients. Primary DNS is setup for internal AD DC/DNS server. Secondar

...

ce1028 by L4 Transporter
  • 1965 Views
  • 2 replies
  • 0 Likes

Office 365 access advice

We are moving to Office 365 Exchange Online and may use some other Office 365 services in the near future such as SharePoint Online or OneDrive for Business.

 

I found the FAQ "Office 365 Access Control" and have configured the requisite custom applica

...

Group Mapping Failure

Has anyone had a problem with the group mapping authentication process? We have successfully connected to our AD/LDAP, PA sees the groups and group members, however this connection and the associated mapping fails after the initial connection. In add

...

C.Wong by L0 Member
  • 1718 Views
  • 1 replies
  • 0 Likes

Resolved! App-id tcp/993 having issues

New install of dual PAN 3020s on 8.0.2  that went really well for the most part and the only issue I am having now is imap(s) and Linux clients w/office 365 not working right. 

 

  1. I have a 'known ok' rule with outlook-web-online (among other allowed app
...

drewdown by L4 Transporter
  • 11216 Views
  • 17 replies
  • 0 Likes
  • 24170 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks