General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

web crawling for google only

I know this topic has been discussed before but there is never a clear answer. It seems it is not possible to allow only specific web crawlers such as google. If that's the case, I assume most of you have web-crawling enabled for your site only? Google is still getting blocked from crawling our site. I was hesitant to enable web-crawling but it ...

vcom-tunnel

Hi! We have a problem on the equipment pa-5020. when we look at the log traffic, the session ends with incomplete response Then I looked in and saw the following wireshark log. SYN - VCOM-tunnel Seq = 0 win = 8192 len = 0 mss = 1460 ws = 256 = 1 sack_perm=1ACK - VCOM-tunnel Seq = 0 ack=1 win=17920 len-0 mss=...

Resolved! How would I block social networking but allow a single Facebook page?

I have a URL filtering policy set to block the social networking category which of course includes Facebook. I need to allow the users that are assigned to this filtering policy access to a single Facebook page along with the pages that correspond to this single page. I tried the link below with no success and of course I tried to add the spec...

Resolved! What is HTTP OPTIONS Method

Hi,In our ACC I can see that the status bar is 3.7, thanks to the vulnerability HTTP OPTIONS Method. The problem is that I have no idea what this is and how I can fix this. How can I fix this problem?

Traffic from one zone to another

Hello. We have two virtual wires called 'eduroam' and 'live'. There are two zones linked to eduroam, namely 'eduroam_tr' and 'eduroam_untr'. There are also two zones linked to 'live', called 'live_tr' and 'live_untr'. We would like to allow communication of machines residing in 'live_tr' zone between a machine residing in 'eduroam_tr' zone. Do I...

There are drop counters when performance test

Hello,I am doing performance test with Breaking Point about throughput , CPS.While testing, I have found drop counters as below.session_dup_pkt_drop 701 3 drop session resource Duplicate packet: Applies only for multi-DP plat form with hardware (Tiger) broadcasting pkt to all DPsWhat does this mean???KC Lee

Resolved! GlobalProtect Auth Problem after making new VSYS

When ever we make a new vsys our global protect authentication fails with user not in allow list. Has anyone else seen this problem. We are going from one one system to 2 vsys's. ( I don't know the correct wording)

Can I use SSL SYSLOG to ArcSight Logger?

Hi,I can see the PANW SYSLOG server profile transport SSL on 6514 and I am just trying to work out if this can be received by Logger?Thanks for looking.CheersRichard

Moving/importing logs after HD failure

Hi.Recently, owing to an unplanned abrupt shutdown of my active firewall, I ended up with a hard drive corruption which prevented it from booting up (thank $deity for HA pairs).Quite apart from PA's *ridiculously* bad response time to replace the hard drive (which is being/will be discussed with my support partner, trust me), I need to know if a...

Resolved! Spyware Severity Level

Hi,Could you let me know criteria of each spyware severity levels?Regards,

Layer 2 vs. Layer 3 Deployment

Hi!At the moment, I hover between a Layer 2 and Layer 3 Deployment of my PA.My setup is: | | | | Internet <-> IPSEC-router <-> DMZ <-> internal firewall | | | | My IPSec-router-cluster and ...

Dynamic Roles vs. Role-based Panorama

Hi everyoneSo I was just wondering if anyone else has noticed a discrepancy between role-based and dynamic roles on their Panorama. I notice that "botnet" and "session browser" are not drop downs for my role-based admin role. That is fine since https://live.paloaltonetworks.com/docs/DOC-4172 goes to show they should not be there. However, when I...

Cisco to PA Access List Migration

Hello,I am in process of prepping a Palo Alto 5050 to replace a Cisco FWSM. I am doing most of the configuation on the PA by hand, but I was wondering if anyone knows how to best go about importing over 5000 Cisco access list lines into the Palo Alto, short of entering each one by hand? I understand that once they are in there there will need to...

A lot of traffic on port 443 (https) to ip 65.52.98.231

Hello,I have a lot connections from my firewall to public IP addresses 65.52.98.231 port 443.Our SIEM correlated events and generating the following offense: Event Name: Excessive Firewall Accepts From Multiple Sources to a Single Destination Low Level Category: Firewall Permit Event Description: Excessive Firewall Accepts were...

Resolved! DCHP GLOBALPROTCTECT

Hi there. I wonder if it is possible to match an IP address with a MAC Address, this can be done in the normal DHCP in a public interface, but not if one GlobalProtect in DHCP can be made.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

web crawling for google only

vcom-tunnel