General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Testing Performance

I would like to get to know which specifc traffic is being checked by specific features of Palo-alto NGFW. To be more precise after enabling all the features on the device which traffic is being checked by URL filtering , IPS Anti- Spyware and other

...

Tips & Tricks: Using URL Filtering to Globally Block URLs but Allow Other Traffic

Under the URL category of "educational institutions"(set for alert) we are generating a enormous amount of logs identified with an application of “windows-remote-management”. I currently have modified that category to "allow" which eliminates all log

...

identify interfaces where mtu is being exceeded

Hi, wondering if someone might know how to see counters for flow_fwd_mtu_exceeded for a specific interface. Our firewall's global counter is increasing using this command:

show counter global filter packet-filter yes delta yes

but I'd like to know wh

...

Resolved! M-100 default log collector

Hello,

in the followind doc, Firgure: Single Default Log Collector per Collector Group.

Looks like we can assign Firewalls to send logs to the Primary Panorama, Also it looks like we can assign firewalls to send logs to only the Secondary Panorama.

htt

...

Resolved! Block YouTube--Allow Google.com

We have 1 user who is abusing Youtube. I need to block this person from YouTube but still allow this person access to google.com

I tried a URL filtering policy but it also blocked access to google.com.

Is there a document or a video of how to perform t

...

Resolved! Active/Passive HA - Technical details: "How does it work?"

I manage our active/passive HA pair of PA-3050 firewalls currently running PAN-OS 7.0.8. These were migrated a few years ago from PA-2020 devices that were put in by a previous network administration regime.

Our current network administration team i

...

Wildfire Alert reporting source and destination NATs that aren't configured on associated firewalls

Greetings,

We've had several Wildfire Alerts that show both the source and destination addresses translated yet NAT is not configured. For the subject data flow, the source is an external network for which we have no control. The destination is our

...

Resolved! Panorama M-100 - Led Red Alert

Hi, I have a Panorama M100, the device lost connection, neither couldn't be access by console, so we don't make any changes. Then we reboot and connect keyboard direct to appliance and we choose option F1, whit that, the device Started working and re

...

ERROR INICIAL AL CARGAR PANORAMA M-100.png

Where to put Office 365 dependencies?

I created a security policy for Office 365 using the application IDs. When I commmited, it said that SSL required, but I already have SSL/web-browsing in another policy below.

During testing, I found that the 365 policy was not catching any 365 traff

...

No SSL decrypt collaboration

When we try to setup an Skype for Business call we always get blocked by the SSL decrypt of the Palo Alto system.

I would like to configure no ssl decrypt for collaboration. Is this possible and how?

Resolved! Know UserID version agents from Palo Alto

How can i know the version installed in UserID agents server from Palo Alto????

i tried show user user-id-agent statistics but Version shows the protocol version, not the real version client UserID

https://live.paloaltonetworks.com/t5/Learning-Arti

...

Template and Devcie Group Design

Hello Experts

I have two firewalls cluster, managed by panorama. One cluster is for perimeter firewall and other is core/DC firewalls. I have three customers and I created three vsys (CUST1, CUST2 and CUST3) on both clusters.

Now what is the recommen

...

Resolved! Wildfire Threat Alert Receive and Transmit times

What is the order of sequence in email Threat Alert generation between the receive_time and the time_generated fields?

Resolved! HA sync-passwords both devices

Hello

I have it

ha pair, both password changed. the primary device's ticket closed automatically, but the secondary's was still open. password match though
but... request high-availability sync-to-remote running-config <<-- would that be valid to sync

...

Resolved! PBF for Office 365

Hi all,

One of our startegic customer is requesting the possibility to route just the O365 traffic to a specific link and after researching about this I think that the best is using MineMeld to automatically feed a list of application IP adrress bu

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free