General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

CVE ID

Device details : PAN-PA-5060 / Palo Alto There are 6 CVEs in the advisory. DESCRIPTION: CVE-2024-9463: CVSS: 9.9CVE-2024-9464: CVSS: 9.3CVE-2024-9465: CVSS: 9.2CVE-2024-9466: CVSS: 8.2CVE-2024-9467: CVSS: 7.0CVE-2024-9468: CVSS : 8.2 Kindly confirm, if these CVE IDs are impacting FW/panorama at all. Also, I am not able to find any source...

Failed to install PanOS_3200-10.2.9-h1 with the following errors

Hi Guys. i have PA-3220 need upgrade to 10.2.9-h1. but failed. see bellow error msg. try to reboot . no luck. and try to downgrade. also failed. can someone help for this issue? thanks very much. Loading into software managerFailed to install PanOS_3200-10.2.9-h1 with the following errors.Traceback (most recent call last):File "/...

Failed to establish GRPC connection to AceMlc2 service: failed to start grpc connection with address ace.eu.hawkeye.services-edge.paloaltonetworks.com

Getting below alert from the hardware firewall. "Failed to establish GRPC connection to AceMlc2 service: failed to start grpc connection with address ace.eu.hawkeye.services-edge.paloaltonetworks.com:443" Followed the below document but no luck. Does anyone faced similar issue ? https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?i...

CyberEye by L3 Networker
  • 9551 Views
  • 4 replies
  • 0 Likes

Do PAN TAC even read the content of the ticket?

This has happened more time than I can count, and I have Platnium support. I work in the US Eastern time zone 8am-5pm ET and every time when I open ticket with PAN support, I always put in this line at the beginning of the ticket: "I would like to work with a TAC engineer in the US Eastern timezone 8am-5pm ET". Yet, sometime the ticket gets...

dtran by L4 Transporter
  • 2894 Views
  • 5 replies
  • 0 Likes

show routing route destination output

Hi all,there is something which is confusing me when I want to check an entry of the routing table.If I'm looking for an entry of my routing table with:"show routing route destination x.x.x.x/x" and the route is covered by the default route, the output is like below:admin@rou11004(active-primary)> show routing route destination 8.8.8.8/32flag...

muellerm by Not applicable
  • 22408 Views
  • 6 replies
  • 0 Likes

Help Allowing VDI Connections

AT&T has provided our users with virtual machines using VMware Horizon Client. However, when in the office, our users cannot connect to their VDI machine. However, when external, using our GlobalProtect VPN, they connect successfully. Error: Loading Failed​VDPCONNECT_CONNECT_TLS: The connection to the gateway or the remote computer could...

Doubt about costomize config log paloalto

Hi team The security auditors ask us if in the Config Log it is possible to have an additional field in the log that links all the events of a rule change with a ticket id external to Palo Alto. That is to say that in the attached logs an additional field with the Ticket appears in a mandatory way to be able to link the event with the ticket: an...

Alpalo by L4 Transporter
  • 1644 Views
  • 3 replies
  • 0 Likes

Resolved! Clear Cache DNS on Panorama / Firewall

Hi All, may i know if i use below command able to clear the DNS caches. >show dns-proxy cache all >clear dns-proxy cache all How to Verify DNS Proxy - Knowledge Base - Palo Alto Networks what we want to ask is, if the command above is suffice to clear cache in panorama / firewall because during the swing from primary server to secon...

Fuel Workshop on GlobalProtect Large Scale VPN (LSVPN)

Fuel Workshop on GlobalProtect Large Scale VPN (LSVPN) Welcome to the next in our series of Fuel Workshops where will be covering the implementation of GlobalProtect for Large Scale VPN (LSVPN). Our speaker, Siddhant Chawla, Senior Technical Support Engineer, will be giving us an overview of how LSVPN is designed, implemented, and how to de...

jennaqualls by Community Team Member
  • 1215 Views
  • 1 replies
  • 1 Likes

Supporting multiple customer accounts with one e-mail-ID

Hello, I work for a hardware reseller supporting many of your Palo Alto customers. My colleague's and I have our e-mail IDs tied to only one of our (and your) customers accounts. We are finding it difficult at best to open cases and support our other customers when our e-mail IDs have us locked to only one customer account. Can our profiles be a...

PAN-262287

PAN-262287 Fixed an issue where dereferencing a NULL pointer that occurred when App-ID stopped responding caused the firewall to restart. I was just discussing the with PA TAC - PAN-262287 - PA TAC mentioned they have an internal bug which suggests below:- Below are the observations:- commands to be checked - to identify the crash/co...

Resolved! Google street view in maps.google.com not working

I am working with a school customer with a PA firewall in place. The issue is Google street view images do not load on the device when connected to the student VLAN but the exact same device switched to the staff VLAN works fine. The actual symptom is the browser shows a message "No street view imagery available here" and a black screen where t...

PAN-OS Certificate expiration

Hi All, i have question on the following article : https://live.paloaltonetworks.com/t5/customer-advisories/update-to-additional-pan-os-certificate-expirations-and-new/ta-p/572158. My panorama version is 10.2.10 and my userid agent is on 10.2.3. Based on the table in the advisory, 10.2.3 is not included. However, am I right to assume th...

Not able to connect Global Protect VPN on IPAD device

Hello Friends, We have a customer who is not able to connect Global Protect VPN from IPAD device with error "could not verify the server certificate of the gateway" I revived the configuration and selected connection method as on-demand in the app setting of GP Portal and did commit. After commit, we were getting error "the network connection ...

Resolved! VPN tunnel question…

Hello, I am trying to find out the logic about this scenario. If we have an ikev2 tunnel, and only a single /32 route in the routing table to reach the tunnel peer (assume dynamic routing for encryption domain), and for some reason that route gets retracted from the routing table, does the tunnel only go down once liveliness check fails, or ...

VK9H13 by L2 Linker
  • 1260 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels