General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 462 Views
  • 0 replies
  • 0 Likes

Help With MineMeld for Domain Blocking for DNS Sinkhole

Hello 

 

I am new to MindMeld and I am seeking help with an issue: 

I wanted to configure an External Block List to use with DNS sinkhole. I need a spyware blocking of malicous sites (Like URLF) but one that will work based ib DNS only! 

 

I tried to

...

Eliram by L0 Member
  • 9130 Views
  • 1 replies
  • 0 Likes

Enhancement Request: URL aggregator optimization

Today, the stdlib.aggregatorURL aggregator processes a list of URLs, removes duplicates, and manages withdrawals/whitelists.  However, no optimization is performed on the output of this aggregator.  I would like to recommend the following enhancement

...

rhagen by L3 Networker
  • 5518 Views
  • 3 replies
  • 0 Likes

understanding palo alto classifying traffic

 

Hi,

This is just to understand how palo alto understand classify the traffic and take action .

 

as I pasted below from multiple  sources  sending packets to an inside host .  Palo alto log shows  around  10 

 

times  (in a second )  from the  same

...

sib2017 by L4 Transporter
  • 5093 Views
  • 10 replies
  • 0 Likes

issue with malwaredomainlist.ip

Dear,

 

I added the "malwaredomainlist.ip" as miner.

This is working (shows that it has mined about 1500 IPs), but when I add the miner input to a ipv4 or domain aggregator I do not get any output...

 

2016-04-18 16_09_21-minemeld.png
mr.linus by L4 Transporter
  • 3731 Views
  • 2 replies
  • 0 Likes

Content 579 Customer Advisory

As a follow up to the release of Application and Threat Content version 579, Palo Alto Networks recommends that customers remove the following applications from their security policies prior to upgrading to content version 579. This is suggested to a

...

NFS Logging \ Non-HA

Hopefully a stupid question - doea Panorama need to be in a HA pair for NFS logging to work?

 

We are looking to setup and I am getting a 'Panorama must be set as primary' error - even though we do not use HA for Panorama and therefore this seems a m

...

apackard by L4 Transporter
  • 1819 Views
  • 2 replies
  • 0 Likes

anyone notice this PAN-OS 7.1.2

Anyone notice this "PAN-OS 7.1.2"

 

Determine the upgrade path.You cannot skip installation of any major releases in the path to your target PAN-OS version. Therefore, if you intend to upgrade to a version that is more than one major release away, yo

...

Inventory

Hi There:

 

Is there a way to export total devices managed in a spreadsheet through Web GUI? (Panorama)

 

I've tried the csv route through asset on my online account but it exports everything included with the device. I'm just looking for a simple "t

...

PaloAlto and Cisco Scansafe Proxy

I have a PaloAlto PA-200 with very simple configuration. I configure the PA-200 Management interface to get update the Antivirus, Threats, WildFire and URL Filtering. The proxy server is Cisco scansafe. I can update software, dynamic updates, lice...

dtran by L4 Transporter
  • 2382 Views
  • 2 replies
  • 0 Likes

Resolved! Apps and Threats 578-3263 *URGENT* *SOLVED*

We have had a few issues with customers and their network when upgrading to the latest Apps and Threats update.

 

Can anyone comment on this at all?


A few examples of issues are that decryption is not working, and communication to the LDAP server was

...

What's new in MineMeld 0.9.7

Release Date: 2016-03-24

 

How to update: Updating MineMeld

 

Nodes

- Miner for ProofPoint ET Pro feeds

- Miner for PAN-OS syslog messages, let you extract indicators from PAN-OS logs according to a set of rules

 

UI

- now you can add a new static i

...

Screen Shot 2016-03-29 at 10.55.39.png
Screen Shot 2016-03-29 at 10.54.55.png
lmori by L7 Applicator
  • 7364 Views
  • 7 replies
  • 0 Likes

Monitor hits against captive portal?

When using user ID and captive portal, when an Auth attempt fails because of the captive portal, how can you get notified? We have spent hours troubleshooting broken apps because the captive portal was preventing access but we have no indication of...

btrotter by L1 Bithead
  • 3809 Views
  • 5 replies
  • 0 Likes

ISE syslog for UserID

I am trying to parse ISE RADIUS logs to help map wireless users to IP addresses. I have the Palo configured as follows but I am not getting any info from ISE. I am not that familiar with ISE and did not set up that end but have been told that ISE is

...

ISE settings.PNG

Resolved! Captive Portal with Vwire.

Why does below document advise we need a L3 interface  for captive portal? We are running solely vwire and I still get on form when testing. I do have repsonse pages setup as well

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/Configur

...

  • 24079 Posts
  • 116 Subscriptions
Labels