This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4230 Views
  • 0 replies
  • 0 Likes

PA-200 and PANOS Version 8

Hello everyone, A few days ago I was testing version 8 with a few PA-200s that we have in our lab, tested new features mostly with user credential Submission. I found that the performance of the devices were impacted (Data Plane CPU was around 70%-95%) only having one or two devices connected to it, is there any advise of using version 8.0.x f...

Resolved! DUO MFA Issues

I am trying to test the DUO MFA and have followed the instructions in the youtube video, and in the admin guide. I can reach the https site under normal circumstances and I can see traffic in the traffic logs. As soon as I enable the authentication policy, the site cannot be reached, no new traffic logs are generated, and no authentication logs ...

PF by L1 Bithead
  • 2862 Views
  • 1 replies
  • 0 Likes

Resolved! HA pair App and Threat sync to peer question.

Hi All, Apps and threats on the currently active box are set to download and install, on the passive to download only. Active box received and installed new updates. Will that automatically be synced to the passive? If we have a revert scenario where the Passive device has its apps and threats configuration to download and install, but the Acti...

Sophos Install & Updates From DMZ

Anyone create a policy allowing a Sophos AV install and then Updates form a DMZ? I have created such a policy but still seems to be an issue. The security policy has all the source and destination zones and the destination host are any. I am then allowing the following applications (not using ports at all)dnsms-ds-smbmsrpcnetbios-ccsophos-live-p...

Resolved! PanOS 8.02 and UAgent 7 vs UAgent 8

Hello. I have recently upgraded our PA-5050 to PanOS 8.0.2. I went to upgrade our UserAgent from v 7.0.7-13 to the new 8.0.2-20 version on our Windows Domain Controllers I was getting errors during the install process and then realized our DCs were NOT 2008R2, only 2008 Service Pack 2. I also noticed we do not run any "read-only domain controlle...

dannon by L3 Networker
  • 2877 Views
  • 1 replies
  • 0 Likes

Source Users don't show up in Traffic & Threat

My problem is the Source User in Monitor > Logs > Traffic & Threat don't show for all users. All other columns including Source and Destination IP are displayed properly. The unshown users can be from trusted lan/wlan/vpn zones and is going to trusted lan or untrusted wan zones. The application they run can be ssl, facebook or dns.....

Resolved! TLS/SSL profile for PORTAL + GATEWAY (GlobalProtect); must have valid cert for GATEWAY ?

I posted a question here in a config article.https://live.paloaltonetworks.com/t5/Configuration-Articles/Certificate-config-for-GlobalProtect-SSL-TLS-Client-cert/tac-p/158713#M2099 PORTAL just lets me hit 'accept' anyway. (of course.. as it's all self-signed..)But GATEWAY won't let me continue ? Server certificate validation failed (again... ma...

mpgioia by L3 Networker
  • 3991 Views
  • 2 replies
  • 0 Likes

Missing config after panorama upgrade

Hi, we had a problem upgrading our panorama long time ago, after upgrade to 7.0 x we lost some config (URL filtering profiles, Custom url category, application filters), so we had to add all these config by hand Yesterday we upgrade again the PA from 7.0.x to 7.1.10 and the problem happened again, we have lost some part of configs (one prerule, ...

Forcing TLS/SSL decryption to cipher suite PAN can decrypt?

We're on 7.1.x and use SSL decryption on traffic coming in to sites we host. Is there a way to force the SSL traffic to a (strong) cipher suite(s) that the PAN can decrypt please? I found this KB but I'm not entirely clear if this lets you mandate only cipher suites that can be decrypted? https://live.paloaltonetworks.com/t5/Configuration-Articl...

Site 2 Site VPN

We have a S2S VPN set up with a Juniper SRX at a partner site.The P1 key life time is 8hr and P2 life time is 1hr We are seeing that the VPN drops quite frequiently. After they have had a look at the logs they are saying that during the re-key phase our end is timeing out. I am not sure how to get debug logs , we run PAN OS 7.1.7 The have provi...

RC-BHF by L2 Linker
  • 4621 Views
  • 6 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks