General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

DNS-proxy BUG 7.1.2 using capital letters

Just wanted to put it out there.

I upgraded to 7.1.2 yesterday and a lot of my static dns entries stopped working. after some playing around i figered out that it was because i was using capital letters in my entries. I changed them to lowercase and e

...

Whats PAN's future for TLS decrypt with many sites now moving to Diffie-Hellman based ciphers ONLY?

Does PAN have any plan for better managing the current state of TLS decryption now that Diffie-Hellman based ciphers are becoming the default standard?

PAN currently only supports the below ciphers, and when presented with a website that ONLY support

...

Application override with custom application and threat detection

I want to build a custom application with application override and still be able to scan for threats.
On the website of Palo Alto, there is this text:

If you define an application override, the firewall stops processing at Layer-4. The custom applic

...

Resolved! Block http traffic to numeric URLs

Hi,

I was ordered to block all http and hhtps traffic to addresses without a dns name. In other words user have to put in a network name in the browser and are not allowed to type an IP address in the address field.

As the thinking behind is bloc

...

PA identifying traffic from AKAMAI as BruteForce.

Hi guys,

Context: For the past 24 hours we've had constant reports of a Brute force attack on our servers originating from the Akamai CDN's.

I'm unsure whether this is simply a false positive, or if there something to actually worry about.

I've

...

Panorama not generating summary logs

Hi,

I have an unlicensed Panorama (for the sake of testing) to aggregate logs from the Palo Alto. I've set up log forwarding on the firewall, Panorama is receiving logs and detailed traffic is showing up properly, but there are no summary logs genera

...

CVE-2004-2761 and CVE-2008-5161 vulnerability applicable to PAN 7.0.3

Hi all,

Hope everyone doing great.

I have a Palo alto firewall running in 7.0.3 version. Recently there was an audit happened and submitted some vulnerabilities found in our firewall. I am very curious to know that whether captioned vulnerability

...

Resolved! GlobalProtect - Fixed IP address allocation

Hi All,

How to configure Fixed IP address allocation using the Framed-IP-Address attribute?

I am using a openldap server. How to configure this attribute?

with regards,

Davi

Resolved! How to downgrade HA pair from 7.1.X to 7.0.X version.

Hi Guys,

What is going to be a right way/steps to downgrade PA from the version mentioned above?

1) Disable "preemption" on the both nodes. Commit changes.

2) On the "passive" node load config that matches your version. Let say l am going to inst

...

Resolved! EBL Issues

I've just started to test working with an EBL to quickly update a block list without having to apply the URL Filter to all of the different groups that we have. I've verified that I have connection to the document and that the Palo Alto sees it but I

...

Resolved! How to view the peak number of concurrent sessions?

Hello

Could you help me with this, please? I need to view the peak number of concurrent sessions.

Thanks

How to stop malware called XcodeGhost?

Hi Guys,

One of our firewalls is setup to scan this traffic will full threat prevention but it seems to not be picking up the XCodeGhost.

Any suggestions?

Thank you,

Mykhaylo

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

DNS-proxy BUG 7.1.2 using capital letters

Whats PAN's future for TLS decrypt with many sites now moving to Diffie-Hellman based ciphers ONLY?

Application override with custom application and threat detection

Resolved! Block http traffic to numeric URLs

PA identifying traffic from AKAMAI as BruteForce.

Panorama not generating summary logs

CVE-2004-2761 and CVE-2008-5161 vulnerability applicable to PAN 7.0.3

Resolved! GlobalProtect - Fixed IP address allocation

Resolved! How to downgrade HA pair from 7.1.X to 7.0.X version.

Resolved! EBL Issues

Resolved! How to view the peak number of concurrent sessions?

How to stop malware called XcodeGhost?

HA pair on different os version

Where to apply Anti-Spyware Profiles

Resolved! Anyone having issues with Threat ID 40059 (HTTP Brute Force)?

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

IKEV2 w Cert - Wildcard peer for DN does not work.

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Block http traffic to numeric URLs

Resolved! GlobalProtect - Fixed IP address allocation

Resolved! How to downgrade HA pair from 7.1.X to 7.0.X version.

Resolved! EBL Issues

Resolved! How to view the peak number of concurrent sessions?

Resolved! Anyone having issues with Threat ID 40059 (HTTP Brute Force)?