This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Recommended PAN-OS for 5220

We are currently running version 10.2.9-h1 and i would like to know what the prefered recommended version to upgrade too? Also why does palo alto deny me access to this information when i have an account with them? I upgraded to 10.2.11 but this caused service impact. All our hosts dropped every hour on the hour until i reverted.

Request to Remove High-Risk Status and Update Website Category for ice-aec.com

Dear Palo Alto Networks LIVEcommunity Team, I am writing to address a concern regarding the domain ice-aec.com, which has been flagged as high-risk by Palo Alto Networks Unit 42 Security. After conducting a thorough review, we believe that this classification may be due to certain components on our site that could be mistakenly identified as m...

ice-aec by L0 Member
  • 1347 Views
  • 1 replies
  • 0 Likes

Export Information for a PA-460 Unit

Could someone at Palo Alto please provide the following information for your PA-460 unit (3 items total): 1. ECCN (Export Control Classification Number) 2. Harmonized Tariff Code (HTS Code) 3. CCATS information for this product - we need to see if you have a license exception on the CCATS We need to export two of these units from the USA to Mexi...

KathyG by L0 Member
  • 1366 Views
  • 1 replies
  • 0 Likes

broker vm

Hi, i want to sign in broker vm the first time. but default password !nitialPassw0rd don't work. can you help me with his problem. Thanks.

Paloalto (HA) and Fortigate (HA)

Hello All, what is the recommended connectivity for if there 4 firewalls and HA is active/passive on both devices: PA-active connected to (Fortigate active and passive) PA-passive connected to (Fortigate active and passive) Thank you

Resolved! Firewall (10.1.10-h1) Unable to connect UID agent (10.1.2)

UID agents version 7.0.8 upgraded to 10.1.2.DC (10.2.9)and Perimeter (11.1.2-h3) firewalls connected to Newly upgraded UID agent but unfortunately all branch firewalls(10.1.10-h1) couldn’t make connection to upgraded UID agent and is showing certificate error in logs.So we have downgraded the UID agent version to 9.0.5 and working fine with all ...

S.Sivan by L1 Bithead
  • 1674 Views
  • 3 replies
  • 0 Likes

Resolved! URL exeptions best practis

Hi All.I'm new in Palo Alto.My goal is to exclude some IPs (Mainly some Broadcast TV channels) from scaning and intrusion ditection, for improving throughput. Now there are some ways to achive this, but i wondwer what is the best way? Regards' Goldy

YGoldy by L1 Bithead
  • 3900 Views
  • 6 replies
  • 0 Likes

GlobalProtect VPN on Win11

When I attempt to connect to a GP VPN site I get an error "Can't reach this page" - but only on my Win11 laptop. I used to be able to connect with this PC but not anymore. Tried removing all the updates - still no luck. I have 2 other laptops, both Win10 still - and no isssues. Is there a known Win11 issue with GlobalProtect?

sburleso by L0 Member
  • 1284 Views
  • 1 replies
  • 0 Likes

Resolved! Croxyproxy Block

Hi Team, We want to block croxy proxy in palo alto firewall. There is no application for this proxy to block. We already tried blocking the category proxy avoidance but it doesnt help even after applying it after decryption ssl packets. We are seeing URL is getting changed and hitting the server until it get sucessful connection so some URL cat...

Resolved! Palo Alto VM seris HA and vSYS

Hello, I have a question regarding Palo Alto VM series HA and vSYS, when I tried to create a new profile with the credit needed for two virtual Palo Alto each one of them installed on a seprate ESXi host , but both ESXi host are in the same location and they have the same network and we need them in HA active/active mode , I choose to add flexib...

Zurattos by L1 Bithead
  • 2338 Views
  • 3 replies
  • 0 Likes

Pushing dynamic updates from Panorama to firewalls or download direct to firewall

Looking for advice on best practice regarding dynamic updates (AV, IPS, WF) when managing firewalls from a Panorama. Currently we are download and pushing these dynamic updates from Panorama to about 15 firewalls but will be managing more firewalls from Panorama in the future. We have discovered some of these dynamic update jobs becoming hung an...

clewis1 by L3 Networker
  • 5520 Views
  • 4 replies
  • 0 Likes

Unsupported cipher. Supported client cipher bitmask: 0x00000000

Hi,have a decryption policies for inbound ssl decryption to a webpage. Therefor I have included the private Certificate.At decryption monitor there is a message:( error eq 'Unsupported cipher. Supported client cipher bitmask: 0x00000000. Supported decrypt profile cipher bitmask: 0x00000014.' ) Found this link https://docs.paloaltonetworks.com/pa...

Moritz by L1 Bithead
  • 7441 Views
  • 5 replies
  • 1 Likes

Migration FW Paloalto model from 3020 to 1410

Hello team, I need to migrate a cluster from FW model 3020 to 1410. Can any of you tell me the best way to change it? I have the 3020 configuration in XML in version 9.1 but the 1410 the minimum version required is 11. Can you help me? Regards.

Alpalo by L4 Transporter
  • 1138 Views
  • 1 replies
  • 0 Likes

Notification when software versions get marked as Preferred

Is there already a mechanism or something I can subscribe to to receive updates when a software version is selected as the Preferred release? I get the emails notifying me of new releases, and I frequently use the Support PAN-OS Software Release Guidance post to check on things. I see that there is an option to Subscribe to the post/thread, but ...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks