General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Rudimentary TCP Session and Monitor Question

I feel like I should already know this, but I just need a sanity check.

I have a rule that allows host A to B via tcp/900. So host A starts to communicate via host B via that port. The firewall allows it and a session is created. Now, assume A a

...

third party VPN clients with PanOS 7.0.3

I was curious if anybody else has seen this issue, or could perhaps try to duplicate it.

I have a problem with third party VPN clients after upgrading from PanOS 6.1.6 to 7.0.3 on our PA-3020s. Specifically, the built-in IPSec VPN client on Mac OS

...

SSL Decrypt

Hi

We have a guest wifi that availave to all and sundry to be used by using their own equipment. We would like use SSL Decryption on this.

The main issues is that for guest device we have no control over this to be able to install the CA cert ont

...

Can I choose what categorizes I choose for allowing SSL-Opt Out Pages?

Hello All,

I am after some help with SSL decryption?

We currently want to decrypt ALL SSL traffic. However moving forward there are 3 catorgies we wish to bypass SSL decyption for BUT only with the use of the opt-out pages not a blanket SSL cato

...

Resolved! Search GlobalProtect Users on Portal and Satellites

I have several satellites and one portal. I have a lot users connected to the satellites and portal.

From a CLI console, I would like to query for GlobalProtect users from a centralized console. Right now, it is a pain because I have to open a

...

we're starting to get "WildFire Public Cloud channel registration received invalid cloud info"

SYSTEM ALERT : high : WildFire Public Cloud channel registration received invalid cloud info"

errors all of a sudden. No change on our side.

varrcvr.log only reports

2015-11-24 08:25:24.386 -0500 Error: pan_fbd_fwd_report_process(pan_fbd_fwd.c:40

...

Resolved! AWS Servers trigger Vulnerability

We are seeing a high number of HTTP Non RFC-Compliant Response Found

Signature ID : 32880 CVE-2010-2561

All are logged from aws servers, evenly distributed across a large number of servers - 173 in one hour, each with 300-500 hits. I have packet

...

Import named configuration snapshot failure

I'm trying to import my production Panorama VM configuration into my lab Panorama VM and I am getting the following message, and I'm not entirely sure what it means:

upload -> config -> content Node can be at most 41943060 characters - current leng

...

Global Protect Failed to open sub key

Hello All,

i have problem with my GP. I configured it and for 99% users work fine. But a few has communicate "resend credential" and stuck.

In log file PanGPA.log i have:

(T6992) 12/01/15 11:24:08:539 Error( 129): Failed to open sub key 'Software\Pa...

How to test AV Functionality when Eicar not in signatures?

How to test AV Functionality when Eicar is not recognized by the Firewall?

Roman

Resolved! How to create and configure 100 tagged subinterfaces via CLI

Hello,

is it possible or do I have to use GUI?

Roman

McAfee Evader - did You use it?

Hello

I'm courius that someone is using it for testing PA device? What was the resoults?

You can download this tool from http://evader.mcafee.com/

Do You know other tools like this?

With regards

Slawek

Online PA training

Can anyone suggest some good online PA training?

Global Protect DHCP Options

I have a PA-500. I have a basic configuration for Global Protect up and working - certificates, agent settings, etc. All is well. The client can route to internal resources as expected.

Now, the next step I need to take for these VPN clients in trans

...

OpenVPN behind PaloAlto

Hi!

We can't get OpenVPN to work. Our Juniper-SA works well.

The setup is only working without Firewall:

Laptop (static IP 80.0.0.4) attachted to an switch and the OpenVPN server attached to the same switch (eth1, dmz)

Our Policies:

Monito

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! Rudimentary TCP Session and Monitor Question

third party VPN clients with PanOS 7.0.3

SSL Decrypt

Can I choose what categorizes I choose for allowing SSL-Opt Out Pages?

Resolved! Search GlobalProtect Users on Portal and Satellites

we're starting to get "WildFire Public Cloud channel registration received invalid cloud info"

Resolved! AWS Servers trigger Vulnerability

Import named configuration snapshot failure

Global Protect Failed to open sub key

How to test AV Functionality when Eicar not in signatures?

Resolved! How to create and configure 100 tagged subinterfaces via CLI

McAfee Evader - did You use it?

Online PA training

Global Protect DHCP Options

OpenVPN behind PaloAlto

CVE-2025-0110

I have a problem with the network, please help me

Static Bi-directional Source NAT not working on incoming traffic

Can I use HA function on palo alto vm-series with out any license?

Zone Capacities per PA model

Re: Global Protect application blank screen

Re: GlobalProtect 6.3.3

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Rudimentary TCP Session and Monitor Question

Resolved! Search GlobalProtect Users on Portal and Satellites

Resolved! AWS Servers trigger Vulnerability

Resolved! How to create and configure 100 tagged subinterfaces via CLI