General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Commit Error after Panorama Upgrade to v6.0

Hello guys,

We recently tried to upgrade our Panorama from version 5.1.5 to version 6.0. The upgrade itself was okay, but we were unable to do commits to devices still running v5.x afterwards. It looks like it's related to custom application signature

...

How to enable safe search in youtube?

Hi All,

How to enable safe search in youtube? example : Allow youtube but deny adult content (porn videos)

I tried by allowing "youtube-safety-mode" app and blocking "youtube-base", but giving app dependency warning. ( youtube-base needs to be allowed

...

www server in DMZ - what aplication should me allowed?

Hi

My www server is in DMZ, I have strict security policy that allow:

- web-browsing

- web-crawler

- ssl

- rss

- flash

I have application -default as a service.

Is it enought for indexing services like Google and any other?

Regards

SLawek

Activation Codes

Good Day

I have a question about activation codes.

We received the activation codes on a PDF document, my question is are the codes tied to specific device serial numbers or are just to specific device types?

Resolved! Unable to get PA-500 online

Hi folks,

We recently acquired a PA-500 and are having some issues getting it online. The guys we bought it from, aren't available for installation for about 3 weeks - and we can't wait that long.
Our plan is to at least get the VPN going (our previous

...

Resolved! SSL error with GlobalProtect portal and Firefox 27.0.1

Hi,

I have been setting up the GlobalProtect VPN infrastructure for our new PA 3020. Until recently, the GlobalProtect Portal was just fine, but now, with the latest Firefox update 27.0.1, I can't access the client download page with Firefox anymore.

...

Resolved! Multiple Global Protect Gateways on One Physical Interface

Hi

is it possible to create a setup where two separate GlobalProtect Gateways are listeningn on the same physical interface? It's clear that they cannot be running on the same public IP address, but how about if I'm allocating separate IP addresses fo

...

Resolved! scp export error

Hi,

My problem is:

when i'm using cli command "scp export configuration to user1@x.x.x.x:/home from running-config.xml" - all works perfect or "scp export log-file data-plane to user1@x.x.x.x:/home" - perfect.

And if i try "scp export logdb to user1@x.x

...

How to forward the packet capture file ?

Can The packet capture file forwarding to specific server ?

if that, please let me know the config.

Resolved! Security Policies and Local Groups

Is it possible to create a security policy to permit/deny local users/groups? Only my LDAP groups show up in the "context" menu when adding a user/group.

Is there a Windigo signature?

Hi,

Is there a Windigo signature under another name, or some other way to detect a Windigo infection or infection attempt using the Threat detection feature or something else?

From what I've read only a host based intrusion detection system could actua

...

How to use Active Directory GPO to push PAN SSL Certificate in Firefox & Chrome

Hey Folks,

I want to use SSL Decryption for internet outbound traffic and I have a lot of users in using Firefox & Google Chrome as their web-browsers

I know there's a way to use Active Directory GPO to push the PAN OS self signed SSL Certificate into

...

Cleaning security policies

Hi,

We want to do a cleaning in our security policies because we have many rules not being used and many old objects not being used in our policies. My questions are:

-There is any way to know what policies are being used and howmany matches each rule

...

Resolved! PA support SPT protocol?

Hello team.

When configuring Layer 2 of interface that support spanning-tree protocol? or not?

PA can be used SPT root bridge and sending recieving BPDU packets?

Thanks.

Regards.

Roh.

PA-200 - BrightCloud URL Filtering Updates

Hi There,

Just wondering if someone can help with a question regarding the BrightCloud URL Filtering updates. I updated the BrightCloud URL Filtering license on a PA-200 however when I try and download the URL database I keep getting an error trying t

...