This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

What is the Best Practice to block iCloud relay?

What is the best practice method to block iCloud relay without impacting iOS users too much? Apple says to NXDOMAIN the following below. mask.icloud.com mask-h2.icloud.com Prepare your network or web server for iCloud Private Relay - iCloud - Apple Developer For the PA though,... should we... create a policy to block, deny or use a URL custom b...

phampx by L0 Member
  • 7176 Views
  • 4 replies
  • 0 Likes

Resolved! Global Protect with multiple portals and gateways.

I have a working portal and gateway on PA3020 running 8.0.12.I want to setup another portal and geteway and repliciate all the settings.Second GP will be used for testing purposes.Only changes would be to use another public ip ,create another tunnel and loopback interface and ip pool.Just want to make sure I dont break prod global protect while ...

GlobalProtect is no longer able to retrieve information for Trend Micro Apex One Security Agent

We are experiencing an issue where GlobalProtect is no longer able to retrieve information for Trend Micro Apex One Security Agent. As a result, our HIP Objects that rely on this product are no longer matching correctly, and we cannot enforce the related security policies. Everything was working as expected until 17 June 2026, when the issue app...

Authentication Failure at Home Network

My Authentication does work correctly on Office Network, But It does not work on my Home Network. Lan Cable, Wifi and Mobile Hotspot does not work at all. I did drop a mail from my official email id, somebody please help.

Globalprotect Connection two Browser Tabs

Hi There, we are using 10.1.5-h2 and Globalprotect 6.0.1 VPN. Our Users logging in via SAML and it works very good. The only thing which is annoying is that during the connection two similar Browser Tabs are Opening. After that, the Connection is established. Is there a way to reduce the tabs to one? We are using a Active Directory local Group a...

Resolved! Can 'admin' account be deleted?

1) We have several PA-3020's running 6.0.1 in our organization with only a few admin user accounts which integrated with AD, so audit wants to know if we can delete the generic accounts like "admin" or "panorama"? Any negative implications to doing so?2) We get a different list of users acccounts depending upon whether we use WebUI or CLI. T...

Resolved! NGFW with two different Support Structure in one CSP

Hi Folks, Does anyone know if I can register two NGFWs with different support structures (one has Premium Support and the other one has Partner-Enabled Premium Support) in one CSP account? If it is allowed, any consideration on how to manage the support cases for these firewalls? Thank you in advance for your insights.

security policies

hello , i need to extract security policies from palo alto appliance Model (PA-460) is there a way to schedule the report or grant read only access to audit function ?

Resolved! Upgrading from 10.2.9-h1

Hello, We currently have two PA-3410 firewalls configured in HA, running PAN-OS 10.2.9-h1. We are planning to upgrade to the preferred release PAN-OS 10.2.16-h6. However, after reviewing the security advisories, it appears that this version does not fully mitigate some vulnerabilities, including CVE-2026-0257. Would it be advisable to upgrade di...

mmarie by L1 Bithead
  • 312 Views
  • 1 replies
  • 0 Likes

Bizarre "Authentication Failed" Issue: Any OS permanently breaks if it EVER connects to my home network

Hi everyone, I am in a desperate situation. I have 1 month left to finish my PhD, and since June 1st, I have been completely locked out of my university network due to a bizarre GlobalProtect issue. I am consistently getting the "global protect authentication failed enter login credentials" error. I have tested every possible scenario, and the o...

add vsys license from HA pair managed by Panorama. Any step? Reboot required ?

I have a HA pair firewall without vsys license. Now, i would like to add the vsys license in this HA pair in production environment, Do the traffic affected ? how is HA status ? if so, how to minimize the impact for adding the vsys license ? from some document, the device will be in suspended status. some people said that the device have to r...

Resolved! [User-ID HUB Vsys] Solved Issue User-ID Behavior

Hello LiveCommunity Team! I created this post to share my experience regarding the User-ID Hub for multi-vsys environments involving some User-ID incomplete table for a specific vsys:I have an NGFW with multiple vsys, and in each vsys I have configured a unique Data Redistribution Appointing to dedicated User-ID Agents and Panorama/NGFWs, local ...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks