General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Global Protect\MPLS redundancy

Currently I have an MPLS connection (Connected to a Palo Alto Firewall) at one of our branch offices in Shanghai. The problem is the MPLS connection (provided by Level3) goes down sometimes. I'd like to setup a Global Satellite connection on the PAN Firewall, with the idea being that if the MPLS goes down, we do not lose our connection to the of...

GlobalProtect and overlapping networks - is it a problem?

HelloI'm using GP since few years without any problem. Recently my colleagues complains abut situation when he can't established RDP connection. Local networks in their home is 192.168.1.x and my servers are on the same network 192.168.1.x -That's their issue.In my opinion it's not a problem because GP install virtual adapter that's have network...

PAN-OS 7.1 - SSL Decryption Issues

I recently upgraded from PAN-OS 7.0.6 to 7.1.0 on a lab PA-200 appliance to start to test some of the features. Right off the bat there seems to be an issue with SSL Decyrption. As I stated in another post, I'm having issues with sites such as banking establishments, google earth, bing maps, etc. where the browser (chrome, edge, and IE tested)...

Host name disappears

Running 7.0.6 on both panorama and firewall. Any reason why one device would all of a sudden lose its host name?

Wrong geo location for an IP

I have a set or rules that block access to some IP depending of their geo location. The problem is that an is is incorrectly geo located by the palo alto. IP is 91.194.60.7, located in France, and Palo Alto locate it in Ukraine !!! Is there a way to fix it on my side, or is there a way to ask a fix to palo team, as for URL category change ?

Resolved! Panorama Device group

IS it possible to create a device group in Panorama yet make to where it when configs are pushed to Device group it doesnt affect any other device groups and cause out of sync? Bascially I want to manage off shore device in Panorama but when config is pushed we only push to the off shore devices with as if they were only pair in panorama.

Palo Alto Firewall Purchase (Second-hand) Question

Guys, anybody purchase a second hand firewall and go through the recertification process? How long did it take? Also, what if you bought on the secondhand market a brand new PA firewall that has never been registered, do you still have to go through the recertification process and/or other necessary requirements to get it registered and activa...

session time for specific user in PA

Hello ,Anyone have an idea how to increase session time for specific user in paloalto ,NOC team have monitor screen and i found that threat map is very helpful to be a part of NOC monitor ,but you know session time is an issue related to sign out every customized time.Thanks

Resolved! How to disable SSL/TLS Server supports TLSv1.0 in Global Protect Portal

How I can disable TLSv1.0 support from Gateway IP address? Security scan reporting that TLSv1.0 is enabled. In SSL/TLS Service Profile Min Version is TLSv1.2 and Max Version in Max.

Resolved! Windows file replication

Just updated my PA 200's to version 7.1.0. Have two sites, both using the 200 in a virtual wire deployment. The windows file replication between the two sites (Windows 2012R2) quit working after the software update. Using security profiles so not sure if URL filtering or another security profile is casuing the problem. Or maybe a recent dynamic ...

Help with viewing surveilance cameras remotely with GP VPN

I'm pretty new the the PA universe with my prior firewall experiences being cisco 5505ASA and SonicWall TZ215. I have all the basics working along with the GP VPN. The final service i need to get working is external viewing of our surveillance cameras. On my previous TZ firewall I was port forwarding to each of the NVR units (LTS Securtity I th...

Resolved! Predefined zones.

Hi Guys, Are there any L3 zones predefined when we get palo alto Out of Box. Regards,

PA-3020 log retention period

Hi Experts, I am quite new to Palo Alto and I have some queries regarding the URL filter log retention, before we can generate user activty reports for browsed URLs for more than two weeks old, but now we can only see URL filter logs up to no more than 4 days. What affects the log retention period and how can we generate a month old User Activit...

How to convert security policies into an excel file in Palo Alto Firewall

I am looking for a way to convert exsisitng security policies in PA firewall in PAN-OS version 7.0.x to an excel or CSV file. I found no valid way or documents. Can any body help me. Cheers Yasir

Resolved! Searching Script For Panorama Traffic Logs

I have a need to search my Panorama traffic logs looking for 1000's of source IPs, engress on the outside zone. I would like to write a bash script to actually read through the logs for the IP's. Manually searchinf for this large amount of IPs is not practical. Has any one done this? Any ideas how to start? I can SSH into the Panorama but no ide...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Global Protect\MPLS redundancy

GlobalProtect and overlapping networks - is it a problem?

PAN-OS 7.1 - SSL Decryption Issues

Host name disappears