This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

Global Protect List of Portals

Hello, I was wondering if there's a way to be able to create a list or profiles of portals in Global Protect client which would allow to list all of the differnet portals that one uses. I have over 15 differnet portals which I use but everytime I try to vpn or use one of those portals I have to enter the port's ip or dns name into the portal fie...

Resolved! Captive Portal With SSO Breaks All Rules

Hello ALL - This is my second post here regarding Captive Portal. I enabled Captive Portal in my environment the other day thinking it would be for webaccess for my users in the event the User ID tool did not work. Upon enabling this feature other rules on my firewall stopped processing since there was no users associated with those rules. Is ...

2 factor authentication issue on Palo Alto Global Protect client

we need support from Palo Alto to understand the following issue:A portal and gateway profile has been created for ¿internal¿ users and ¿external¿ business partner users. All users need to authenticate using OTP (One time passcode). By default users must first authenticate against Portal and second to Gateway. Unfortunately this means that user...

mss-ops by L0 Member
  • 5628 Views
  • 4 replies
  • 1 Likes

question about global protect

Let us assume that you have users in your company and they have company comps with global protect client installedThey take their notebooks home.is it possible somehow by global protect to forbid connect to home internet without using GP?OR is it possible to make any configuration so hat user can not disconnect the global protect.?for example by...

Radmin_85 by L4 Transporter
  • 2698 Views
  • 2 replies
  • 0 Likes

Resolved! BGP/BFD

I am running BFD with BGP in a cluster(active/passive) and I am unclear on how to set up a failover of the firewall to the passive peer if BFD fails in order to bring up the BGP peer on other node. Any assitance would be appreciated.

r24481 by L1 Bithead
  • 3083 Views
  • 1 replies
  • 0 Likes

No metrics showing up in a syslog analyser node

Hi, I followed this post the other day and have been forwarding logs from my firewall for 2 days now, but without any hits, so I am wondering if I have done something wrong? I can see in a tcpdump dump on the minemeld server, that logs are received on port 13514/TCP. Also, the logs that are sent to minemeld are dropped traffic from an EDL, so ...

borising by L4 Transporter
  • 19944 Views
  • 16 replies
  • 1 Likes

Resolved! MineMeld export custom prototypes

Hey all, Can anybody tell me how we can export (and import) custom created prototypes (for backup purposes). The config does not include these, so if we need to rebuild the MineMeld instance we have an issue. Kind regards

mr.linus by L4 Transporter
  • 6249 Views
  • 2 replies
  • 0 Likes

Reason: User is not in allowlist

User 'steven.williams.da' failed authentication. Reason: User is not in allowlist From: ltdlqq6h2.domain.lan short name: domain\paloaltoadminssource type: ldapsource: Network_Administrators[1 ] domain\steven.williams.da Authentication profile contains the user group paloaltoadmins using the LDAP server profile. Created user in local admin and ad...

Resolved! Autofocus for MSP environments

Hi Guys If an MSP wants to use Autofocus for its customers and wants each one to have its own independent dashboard, is there a way to do it. Or would they just need to buy an AF license per customer

nrobison by L1 Bithead
  • 3494 Views
  • 1 replies
  • 0 Likes

Panorama Commit Fail With Error: Duplicate Service group

Hi all, I'm trying to Transition an existing Firewall to Panorama Management and I'm following this guide - https://www.paloaltonetworks.com/documentation/80/panorama/panorama_adminguide/manage-firewalls/transition-a-firewall-to-panorama-management/migrate-a-firewall-to-panorama-management#id75642aaa-965c-4f2d-bc1c-8160a8a1543e when I perform st...

Custom traffic-to-destination report

I am having some trouble creating a custom report that to me seems like it should be a simple and typical report. I have a block of 10 destination addresses added into an address group and I need a montly report generated that just shows the total amount of traffic heading out to that address group. I have recently taken over the administration ...

twu-wb by L0 Member
  • 2364 Views
  • 2 replies
  • 0 Likes

Remove IP Address from Subinterface with CLI

I'm trying to remove an IP address from a subinterface using the CLI. Command I'm using is: 'delete network interface ethernet 1/8 layer3 units ethernet1/8.3624 ip x.x.x.x/29'When I run this command, I get a message saying:'No object to delete in delete handler' I am able to remove all other configuration from the subinterface.

Resolved! create ftp &NAT

Dear all I have ftp server and two user use this ftp from different network i want to create NAT ftp server IP is 192.168.30.30user 1 192.168.40.1user 2 192.168.50.1 user can send and recieve from ftp server

Comparision with other vendors

I would like to know is there any document of battle between Palo Alto Networks NGFW and other vendors (Cisco,check point,fortinet).I cant find the the latest info about it.It can be very usuful when talking with customers.And also i would like to get info about best practice POC.is there any technical documentation about it?thanks in advance

Radmin_85 by L4 Transporter
  • 3829 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks