General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! User based ssl decryption

Hi,

I try to test ssl forward proxy decryption. It works fine if I use IP address as a source but if I use Users(domain) as a source it doesn't work. I can't use IP's for testing because our IP's floating. What I need to check in configuration?

Toni

Resolved! GlobalProtect 3.0.2 setting VPN DNS on WiFi adapter

Hi,

I'm having a single client, running Windows 10 Pro, that we're having issues with.

When the user connects to their network at home, they are unable to connect to VPN, and it seems like the issues is caused by GlobalProtect setting the WiFi adapter

...

Resolved! QOS & Aggregate Interfaces

Hello,

In our QOS Aggregate Eth. Interfaces we cannot assign an egress value greater than 1000.

(LACP Bundle is 2 x 1Gbit on eth4 + eth5)

Why ?
Do we throttle down throughput to 1 GBit/sec. in the Aggregate ?
Shall we leave egress value in profile and Int

...

Resolved! Is there any restriction for application to add in Policy based forwarding

Is there any specific reason that all application is not avaialbe to add in policy based forwarding.

For ex: I am trying to add "panorama" in policy based forwarding, it is not there.

I have to addd port 3978 instead of application. Is there any reason

...

Resolved! Globalprotect client authenticate with a certificate not working anymore

Since we use our Palo Alto firewall, our users there Global Protect Client authenticate with the firewall through a certificate that is deployed thorugh Active Directory. Our Global Protect Client version is 3.0.2.

Since we updated our Pan-Os version

...

Slow download over decrypted TLS sessions?

I've noticed that downloads that occur over decrypted TLS sessions are incredibly slow since upgrading my PA-3050s to PAN-OS 6.1.x (now on version 6.1.12). Sometimes they don't even complete at all, either failing or just sitting forever. For examp

...

Resolved! RSH session issue passing through the Palo Alto

Hi Guys,

Interesting one.

1x2.1x4.1x4.1x5 makes an initial connection using RSH the 192.168.0.20 then creates a separate RSH session back to the originating server but this always fails as the Palo seems to ignore the rule and NAT that is in place f

...

Brightcloud connection error

I have a PA-500 that is receiving the error of:

opaque: Failed to connect to Brightcloud update server service.brightcloud.com, initiated by 192.168.75.30

eventid: connection-failure

There seems to be no connectivity issues to URLs for the users. Just

...

Automate GlobalProtect VPN connection

Hi All,

We are trying to automate connections using the GlobalProtect VPN with a batch script. There's a way to accomplish it?

I've tried to use the PanGPA.exe in "C:\Program Files\Palo Alto Networks\GlobalProtect\" without success.

Any kind of hel

...

DNS-proxy BUG 7.1.2 using capital letters

Just wanted to put it out there.

I upgraded to 7.1.2 yesterday and a lot of my static dns entries stopped working. after some playing around i figered out that it was because i was using capital letters in my entries. I changed them to lowercase and e

...

Whats PAN's future for TLS decrypt with many sites now moving to Diffie-Hellman based ciphers ONLY?

Does PAN have any plan for better managing the current state of TLS decryption now that Diffie-Hellman based ciphers are becoming the default standard?

PAN currently only supports the below ciphers, and when presented with a website that ONLY support

...

Application override with custom application and threat detection

I want to build a custom application with application override and still be able to scan for threats.
On the website of Palo Alto, there is this text:

If you define an application override, the firewall stops processing at Layer-4. The custom applic

...

Resolved! Block http traffic to numeric URLs

Hi,

I was ordered to block all http and hhtps traffic to addresses without a dns name. In other words user have to put in a network name in the browser and are not allowed to type an IP address in the address field.

As the thinking behind is bloc

...

PA identifying traffic from AKAMAI as BruteForce.

Hi guys,

Context: For the past 24 hours we've had constant reports of a Brute force attack on our servers originating from the Akamai CDN's.

I'm unsure whether this is simply a false positive, or if there something to actually worry about.

I've

...

Panorama not generating summary logs

Hi,

I have an unlicensed Panorama (for the sake of testing) to aggregate logs from the Palo Alto. I've set up log forwarding on the firewall, Panorama is receiving logs and detailed traffic is showing up properly, but there are no summary logs genera

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free