General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

What's new in MineMeld 0.9.8

Release Date: 2016-04-10

 

How to update: Updating MineMeld

 

Nodes

- Miner for AusCERT feeds (thanks to Leigh Vincent !)

- Miner for IPv6 local list

 

Prototypes

- Prototype for simple IPv6 aggregator

 

lmori by L7 Applicator
  • 1889 Views
  • 0 replies
  • 0 Likes

Global Protect Limitations

Is there a way to stop disabled AD computer accounts from connecting to GP?  We have a HIP profile attached to the GP rules which force the user to be compliant (ie. member of domain and have AntiVirus).  however, when we disable their computer accou

...

rrau by L3 Networker
  • 2860 Views
  • 5 replies
  • 0 Likes

Resolved! Issue with CPUID with PA-VM-100 on Vitualbox

Hi Guys!!

 

I have installed a PA-VM -100 on my VirtualBox but the problem i m currently facing   is as follows:

 

- The CPUID does not appear on the dashboard  (general info)  i m only able to retrieve the UUID any idea why ?

- Can I disconnect The

...

big_Gilo by L2 Linker
  • 2335 Views
  • 2 replies
  • 0 Likes

data filter on comment

Hi community , 

is there any way to filter comment contained some bad words (f**ck , so on)  that is written by our employers to add any website(often use  http) ? 

May Maintenance Notice

Palo Alto Networks plans to perform network maintenance 2:00– 10:00 pm PDT Saturday, May 14th.

 

While we will make a concerted effort to minimize impact to your Palo Alto Networks-related services and support during these time periods and we do not

...

Resolved! Policy Configuration App-ID

Dear colleagues.
I do not have much experience in PA and I would like to help me with a configuration that is very basic for some.
I wish to make is a policy in which App where certain app block p2p (torrent, Tor, ultrasurf) and allow other application

...

Edluna by L1 Bithead
  • 1931 Views
  • 1 replies
  • 0 Likes

Best practiecs

Is anyone using these recommended settings?

 

set deviceconfig setting tcp urgent-data clear

set deviceconfig setting tcp drop-zero-flag yes

set deviceconfig setting application bypass-exceed-queue no

set deviceconfig setting tcp bypass-exceed-oo-que

...

jdprovine by L4 Transporter
  • 5045 Views
  • 11 replies
  • 0 Likes

PANOS 7.0 SNMP logical interface counters

I tried the feature and the RX and TX counters are a way off from the physical interface (Tested on 5060 using e1/21 and e1/22 for AE1).   I opened a case with TAC,  and this is the explaination from TAC,

 

For hardware interfaces (ethernet1/21 and e

...

When will a new GlobalProtectClient GUI/UI be written?

We've been holding off replacing our Cisco Anyconnect clients as the interface of GlobalProtect is a big downgrade for us.

 

Any idea when/if there will be improvements made to the GP UI?

 

At the moment it looks like it was developed by engineers with n

...

GPforWin7.png
anyconnectwin_reconnect2.png
pmc by L2 Linker
  • 6178 Views
  • 4 replies
  • 6 Likes

Resolved! cli: traceroute host, ping host use connected interface

Is it possible to have traceroute host and ping host default to using the interface the cli was connected to?

 

We have the Management Interface of our PA 500 set to an internal address, like 192.168.129.11.  We can connect to it from our mpls networ

...

Internal Root certificate replacement

Does anybody have any experience of changing out the internal root CA cert? Our server guys have updated our internal cert authority to support SHA-256 certs which has had a knock on affect of causing issues with our GlobalProtect gateway certs on ou

...

Crazy policies needed for BGP and VPN

Hi,

first read this article:

https://live.paloaltonetworks.com/t5/Learning-Arti​cles/Any-Any-Deny-Security-Rule-Changes-Default-Be​...

 

then

 I have this exactly behavor but I don't have wrote any/any/deny rules!

In my enviroment both intrazone-defa

...

Palo Alto NSX-Edition for multi-VC environments.

Hi all ,

 

Is there support documentation available for multi-VC implementations of the NSX-Edition ? I found plenty of good Deployment guidelines as per https://www.paloaltonetworks.com/search?q=NSX&%3Acq_csrf_token=eyJleHAiOjE0NTk4NDY1NTgsImlhdCI6MTQ

...

rherlaar by L0 Member
  • 1279 Views
  • 0 replies
  • 0 Likes
  • 24303 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels