Ping log with 0 bytes sent

Hi Guys,

I noticed some strange logs on one of our 5200 firewalls.

There is device behind the firewall that is running constant ping to google dns, traffic is allowed and working normally.

I noticed a some logs that bytes sent is zero... I can explain

Deny PSiphon

Unable to integrate AutoFocus Custom Feed with Output Method URL to MineMeld.

• I have created custom feed with URL method and need to integrate with MineMeld with below figure

• In MineMeld side, I tried to use class minemeld.ft.http.HttpFT and config URL and API Key (collected from Settings > General > API Key) as below figure

User-ID Connection Security Won't Work

UserID Agent version 9.0.5-8
Firewall 9.0.8

Windows Server 2016 UserID Agent Servers x2

I've tried following this guide and numerous others (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGFCA0)

Keep getting 'Failed to vali

Query on MineMeld setup for Azure Sentinel

We would like to add a miner to input nodes in our Minemeld portal.

And we followed the below article to setup as per our requirement but we couldn’t see the “git” icon to add the extensions.

https://live.paloaltonetworks.com/t5/minemeld-articles/send-

Split Minemeld Feed

Is there a way to split a large output feed into smaller feeds.

Multicast, who accessed??

I have tested multicast to be working and is configured as in this diagram. In the logs I see traffic from SERVER zone to Multicast zone. But there is no log on INTERNAL client that accessed the multicast stream.

Cisco CAPWAP AP stuck in Discovery

Hi All,

Has anyone had problems with CAPWAP AP's separated from the WLC by a PA-220 firewall get stuck in a DISCOVERY OperationState?

>show capwap client rcb
AdminState : ADMIN_ENABLED
OperationState : DISCOVERY
Name : ***
SwVer : 8.5.151.0
HwVer : 1.0.0.

NPTv6 seems bugged (PAN-OS 9.1.9)

Hi,

we're running into an issue with IPv6 NPTv6 which we use to route traffic through IPS on PA.

The address isn't translated as expected.

We tried NPTv6 in 2 configurations, both translate the same. We either used:

xxxx:xxxx:xxxx:ffe0::/60 -> xxxx:xxxx:

Knowledge sharing: Palo Alto checking for drops (rejects ,discards), slowness (latency) and counters using captures, global counters, flow basic etc.

Hello To All,

I will create a short summary about how to do basic checks if the palo alto drops or slows down the traffic.

1. First the pcap capture on the drop stage will show if the firewall drops the traffic and after that we check why the firew

HIP check report interval

1. What is the interval for HIP reports that the GP client sends to the gateway? 

2. Is it configurable?

3. What triggers HIP report sending?

User-ID not populating after Microsoft patching - Warning

Hello All,

Just wanted to post this in case anyone else ran into it. Microsoft release patches as they normally do, however there is one that might break user-id, June 8, 2021—KB5003671 (Monthly Rollup). There is a warning in the notes: 

After inst

Using Authentication Policy and GlobalProtect with AAD SAML to prompt MFA authentication for Admin access to resources

We have new requirements to require MFA for administrative access to just about everything and have to put into place in very short order.

“In addition to remote access, multi-factor authentication is required for the following, including such access