General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

TS agent SSL error

Hello,

I've been trying to add a new TS agent on my firewalls. As there is no redistribution for user-{ip+port} mapping, I want to map the TS agent to 2 FWs. Backend FW is connected correctly, Frontend FW is in error.

I can capture the following betw

...

Resolved! Edit personal information

I'm trying to update some personal information (my last name), but when i save the configuration, it doesn't actually save.

On the other hand, my last name changed and now its my name (Lucas Lucas).

Please help me, i can't find any Customer Service

...

403 forbidden error while importing IDP fiile

Hii,

I have been trying to import G suit IDP file in SAML Identity provider on palo alto VM firewall but for infinite time its just showing message "uploading" without showing any error message. when I checked in network tab of inspect element I ca

...

Resolved! PING from Firewall GUI

Hi All,

I have a basic doubt.

Isit possible to ping from firewall GUI ?

If not from Panaroma CLI, isit possible to connect firwall ( to test the ping from firewall to host )

Reason : To check the network latency from fireawall.

Thanks

KM

Resolved! PA-220 to PA-440 Migration Recommended Process

I need to migrate 2 stand alone PA-220s to PA-440s. The current PA-220s are running PAN-OS 10.2.4-h2.

I would like to know the recommended process for doing this.

Can I backup the configuration and system state and restore it on the PA-440?

Do I use

...

Resolved! best practice assessment option is not showing in paloalto customer portal

In my customer portal under Tools i am not seeing best practice assessment option, can any one help on this topic .

Also, let me know what is required to gain that option

thanks,

Shashank Tripathi

Failed to extract file panup-all-antivirus-4788-5306.tgz with sha256

Failed to upgrade the antivirus package for primary firewall in HA causing the antivirus mismatch.

Its working if I delete and download install again.

Any permanent solution for this? Upgraded to the previous preferred version 11.0.2-h3 but issue sti

...

Import TXT or CSV to an Address Group?

I have a TXT file (I could also save it as a .CSV) of about 2000 known bad IP addresses I want to block traffic to/from. Is there a way to import this list into an Address Group? I see an option to download a dynamic list but I would then have to hos

...

NAT mapping public to private IP

Hello all,

I have been updating our NAT policies within our PA-3220 to specify traffic translation mapping from our public addresses to private addresses. After committing the changes the traffic has only been routing to the catch all NAT rule at t

...

IKEv2 IPv6 tunnel with dynamic endpoint from one IP

With IPv4 it is possible to build multiple IPSec tunnels from one interface IP with dynamic/unknown destinations and separate them based on the IKE peer IDs. That configuration is accepted by the firewall.

As for IPv6, as soon as one source interface

...

Release dates for PAN-OS

Hello all,

Can anyone provide me the release dates for the following in regards to PAN-OS:

10.0.4
10.0.5
10.0.6
10.0.7
10.0.8
10.0.9
10.0.10
10.0.11
10.0.12

Thank you

Reverse proxy for Exchange ActiveSync

We have a Palto Alto cluster and I want to use them as reverse proxy for our Exchange inbound trafic. We activated decryption for this trafic and we want to allow only ActiveSync trafic / application.

It did not work with only allow ActiveSync appl

...

Resolved! Monitor Logs - filtering with wildcard?

Are wildcards supported now when trying to filter logs in Monitor? I saw a post from 2015 asking about it and at the time the answer was "Wildcards are not supported in the traffic log filters."

Was hoping that 9 years is enough time to implement t

...

Allow traffic mikrotik site to site.

Hi everyone. I just installed a firewall at an office. Office A is connected to office B via two site-to-site mikrotiks.
Inside office A there is a server that records the presence of office B employees.
After introducing the PA440 it stopped working..

...

Resolved! change default static route

Hi.

ethernet 1/1 > DHCP

ethernet 1/2 > Static

i want to dst. 172.16.1.x next hop ethernet 1/1 ///// dst. 172.16..2.x next top ethernet 1/2 for change.

not use pbf rule.

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free