General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Akamai Technologies?

It seems nearly every time I need to determine the URLs that are using what seems to be excessive bandwidth, this one comes up the most. Akamai Technologies. I understand they are a CDN, but if most services rely on their services and that is as far

...

wildfire submission registration fail

what could be the issue with wildfire submission registration fai.

Resolved! interface and subinterface configuration for untagged VLAN 1

I have a switch that is allowing all VLAN 1, 44, and 120.

I have the following configured:

on the physical interface I am using 192.168.0.1/24 which is VLAN 1

created two sub interfaces for each VLAN

subinterface .44 tagged 44 IP address 172.20.44.1/23

s

...

Ipsec VPN issue with checkpoint

Hi Friends,

We have an IPsec VPN tunnel configured with CheckPoint firewall.

Basically, when our Phase 1 expires after 24 hours, if a Phase 2 key is still within its 1 hour lifetime, we receive no response back.

Only after the Phase 2 k

...

Resolved! Static user-id to IP-address mapping

Hi All,

Is there a way in PanOS 6.1.x to manually map a user-id to an ip-address.

Or is there a way to set an IP-address to be exempt from the user-id mapping policy.

I have PA-500s being staged behind a generic firewall inside a production network wit

...

Resolved! High Availability VWire

I am setting up a HA pair of 5060s in vwire mode between two Cisco ASA's and the internal switch. the ASAs are set up has HA.

What is the best way to set up the 5060s in HA to ensure they notice when the ASA fails. I do not want a scenario where the A

...

Problem of Authenticating users on Cisco WLC integrated with Palo alto

dear all,

we have integrated our Cisco Wireless Controller with Palo alto Firewall, the problem is that some people, authenticated successfully on the network, but the username still not appeares on Palo alto, although i can found them on the WLC, th

...

How to use Panorama to deploy standardized remote sites?

I'm looking for a way to use Panorama to deploy about 100 remote sites.

Let's say that we have the following scenario:

Site 01 has local subnet 192.168.101.0/24

Site 02 has local subnet 192.168.102.0/24

Etc through site 99 has local subnet 192.168.199.0/

...

SNMP OID´s and descriptions - PA-3050

I need the SNMP OIDs with descriptions for the PA-3050

software version: 6.1.4

Do you help me ?

tks

Paulo Aun

Resolved! using url categories in security rule base blocks allowed traffic

Hey all,

We have a security rulebase which is causing some bizarre issues.

rule 1:

trust to untrust
service: tcp-80
url category: online-storage
url filtering profile: alert-all
allow

rule 2:

trust to untrust
service: tcp-80
url category: /
url filtering profile

...

DHCP not passing thru the 500 in wire mode

I am using a pa-500 as just a web proxy, I have clients sitting in different vlans connected to a ASA5512 that is acting as the router/FW and has DHCP Relay setup and was working fine. I added the PA500 between the ASA and the other network as a web

...

BGP setup - "max prefixes" question

We have a pair of 7050s that are Internet-connected via three ISPs. The ISPs are sending a limited set of routes (essentially the IP space they "own) down to our border routers. We want to replace the static default route we're using with BGP between

...

Resolved! Cannot ping PAN from srx

Hi guys,

I just got my hands on a new PAN. I have setup an srx100 behind the PA-500. The interface Ethernet 2/8 is in the trust zone, is setup as a L3 interface and has an IP of 10.1.1.1. The SRX's IP is 10.1.1.2. The SRX's next-hop address is the PAN

...

Cisco Wireless Networks, ACS, Syslog-Senders, and AD Groups !

Hi,

I've worked out how to recover the User ID, or UID, from a wireless network logon by sending syslog messages from the Cisco Access Control Server, or ACS, to a syslog-sender configured on my firewall.

For wired connections I can recover UID and AD

...

Resolved! Filename capturing not working...

Hi everyone,

Is it possible to capture filenames as they are uploaded to dropbox, box.com, justcloud.com, etc...?

We "should" be decrypting the traffic according to our decryption policy. Well it at least shows the flag decrypted in the packet capture

...

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free