General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Pa-2020 restart unexpected

Hello

My Pa-2020 restart unexpectedly with no reason aparently. I'm attaching the log so any help me is welcome.

Thanks!

Log:

2014/10/30 11:04:56 info general general 0 Connection to Update server: updates.paloaltonetworks.com completed succe

...

Global Protect Best Practices

I have deployed Global Protect with Single Sign on and have internal host detection. I have everything working and connecting fine, I have one portal and 3 gateways.

What I have seen is that some internal clients are connecting to an internal gatew

...

Resolved! Spamhaus Domain Block List (DBL) PANOS Integration

I recently discovered that one of my favorite real time block list providers has a new block list for domains that are found in phishing emails. PANOS has the ability to use a dynamic block list (DBL)/(EBL) external block list, but from what I have g

...

FTP session logged as 2 TCP sessions

Hello.

I have a problem with the way PA handles FTP sessions. I have a general rule which allows privileged user groups to have full access to a certain network. So application and service in this rule is 'any'. One of the applications users will be u

...

Filter Security Policy by Profile column?

How do I filter the Security Policy to show only those rules that have a specified profile, or no profile, assigned? We have a large, ~560 rule rulebase. I need to be able to easily find rules that have a specific profiles assigned. Scrolling through

...

Resolved! 6.0.5 h3 explanation

Hi all

could someone give an example about 6.0.5 h3 asymmetric bypass.When to enable that ?

how that asymmetric trafic works with 6.0.5 but not with 6.0.5-h3 ? That is the thing I'm confused about.

Panorama commit procedure

hey

does anyone have a document that describes "step by step" the commit procedure of the panorama?

just had a quick talk with support and apparently the commits from panorama are calculating directly to the running configuration

User ID Agent

I have a problem where the user id Agent is reporting the wrong user to an IP.

For example, user a is 10.1.1.5 and has id test1

Sometimes user b with an id of test 2 shows up with 10.1.1.5 which is not accurate, if I do a show user Ip mapping it shows

...

Resolved! not-resolved URL Category

We are seeing a large amount of url logs being categorized as 'not-resolved' at a rate of about 5500 per hour. After reviewing logs to compare it appears it started a few days previous. What is strange is a site will be categorized as 'not-resolved'

...

NSS Labs Report - Mitigation for claimed vulnerabilities?

Seriously? | NSS Labs

Could someone elaborate on the section which says:

All PAN-OS devices require a configuration change to detect even the most basic TCP stream segmentation evasions. The “Mismatched overlapping TCP segment” protection in the Zone P

...

Resolved! Microsoft Windows SChannel Malformed Certificate Request Remote Code Execution

Hi.

Can anyone provide insight into the threat signature for MS10-049? What it triggers on, etc.? I have seen this triggered by Goggle domain IP sources that produce certificate errors.

Thanks,

Monica

Resolved! NAT Rules

Hello,

I was wondering if anyone could explain the following scenario to me as I seem to have found a bug with NAT policies.

On our PA-2050 v5.0.8 I have configure three zones: inside, dmz and outside, and a host in the DMZ. I created two NAT policies,

...

Resolved! External Data Port Cabling

Hallo

i am setting up a new PA 3050 FW. I dont want to use the management port to connect to internet and download updates. So I am following the admin guide to "Set up an External Data Port" for updates. Now as per that:

1. I set up a port, say e1/4 o

...

Resolved! Print policies/objects/rules

Hi,

Is there any way to print the PA policies??? i would like to print the window with all policies NAT/security.... Its possible to do it or i would have to use "Print Screen" many times :''(

thanks

Resolved! Unable to access PA-500 GUI "Creating Administrative Session"

Hello,

Today, when i try to connect PA-500 user interface, after login, PA-500 WEB server shown (as usually) "Creating administrative session. Plase Wait..." for a while, and nothing happen. Chrome Browser shown "Page is not responding".

I tried to lo

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free