General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

PA 500 doesn't show data, system logs nor application in GUI

I've posted screenshots of my issue. I can see logs in cli mode.

Resolved! EIGRP between routers sitting behind PA site to site VPN

I want to set up a site to site VPN tunnel between PA 3020 and PA 500 to replace existing Cisco equipment. The current equipment is uing EIGRP routing to fail over to VPN from MPLS using 1921 routers. If I put in PAs to handle the VPN traffic in fron

...

Resolved! Traffig Log database exceeds alarm threshold value(90%) of total allowed size (xxxx) Issue

Hello Community,

Actually I have an issue with traffic log alarm.

First, I want to know more related to traffic log works.

Actually the PA has assingned 32% (38.06 GB) of quota.

In the security rules the flag is check in the option "end the session

...

Palo Alto PA200 in L3 mode and PS4

Can anybody please tell me how to fix the NAT issue with the PS4?
Anybody had the issue before?

User-id not updating mappings fast enough

We have 2 user-agents deployed that read the AD logs and the PA7050's connect to the user-agents. The agents are running 6.0.7-10 and the PA7050's running 6.1.4.

We are having a problem where mulitple machines across various networks are using a "gene

...

Identifying files that were 'allowed' but are now known to be malicious

Wondering how others are tracking down files that were allowed through the firewall but later determined to be malicious (as a result of WF analysis)

Temperature sensor in PA-4020

Hi guys,

Is there anybody, who has PA-4020 with 6.1.x(perfect if it will be 6.1.5  )? I need some help.
First, could you please execute a command:
> show system environmentals thermal
and share the output?

Secondly, ask your box via snmp:
snmpwalk -v2c

...

Resolved! Block known bad TLDs?

My CISO want's to block known bad TLDs (such as .zip or .review) in our Palo. I know how to block specific url(s), but is there any way to block an entire TLD?

I'm running into issues blocking *.zip since it will also block legitimate URL traffic tha

...

New dates not available on reports-

When I go to monitor reports and click a report- I can't select any date after July - I created a custom report and can report on information that way but the included reports don't seem to be working. Any suggestions?

Resolved! Default Behavior of QoS

Hello All,
Quick question on the default behavior of QoS on the firewalls. Do interfaces on the firewall assume the QoS profile of "default" if I don't specify a QoS profile for the interface? The heart of my question is if I change the guarenteed a

...

Difference between soft lifetime and hard life time in IPSEC VPN

Could someone help me understand Difference between soft lifetime and hard life time in IPSEC VPN

6.1+ update stops tagged interfaces from working

I tried updating a PA3050 HA active/passive setup from 6.0.10 to 6.1 to eventually go to 7.
The update works for both devices, everything seems to be working like it should, except for the tagged subinterfaces of the aggregated interfaces. They simply

...

Resolved! IP address not displaying correctly

I created a user account that so that the helpdesk can monitor the traffic and threate logs on the palo alto but not make any changes. But when I open up the traffic and threat detail instead of showing the exact IP address for the source and destina

...

Resolved! Random denial

What would cause traffic that is allowed through one rule to be denied by a rule below it. Shouldn't it just go through the rule allowing it and not even go any further.

Odder even still is that traffic is not always denied sometimes it does pass thro

...

Temporarily Disable SSL Decryption doesn't work since 7.0.1

It seems that the cli command "set system setting ssl-decrypt skip-ssl-decrypt yes" doesn't work on PAN-OS 7.0.1. The decryption wouldn't temporarily disabled, nothing happens!?

Has anyone the same problem?

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free