General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Upgrading from 5.0.11 to 6.0.0 fail

Hi Team,

unfortunately, I tried to upgrade my 2050 from 5.0.11 to 6.0.0 with no luck

I get the below error

could you please help me to solve it

Error when trying to commit

Hello,

I am getting the following error when trying to commit and am not sure where to look.

Error: Need to config WMI account and password for querying Microsoft directory servers

Thanks in advance.

Bob

VPN Encryption/Authentication key's for Wireshark Decryption

It is possible to debug ESP packet's in Wireshark but to do so I will need to obtain the encryption key and the authentication key for the given VPN from my Palo Alto 5050. As an example - In Linux it's possible to get this information by running the

...

Best or recommended way to connect PA to Windows Domain

What is the recommended way to connect a PA box to a windows domain?

I see know there is a radius way of doing it, and i know this is the way other like to configure it.

But there is alot more work configuring, and reconfiguring if i want to change/add

...

Resolved! Comprehensive report

I have had my PA 3020 in line for about 4 months. Can anyone suggest a report to run that we give me a good over all idea of how well the firewall is working?

Heartbleed bug - filter status?

Anyone got some information regarding a threat filter release for CVE-2014-0160 a.k.a Heartbleed bug in OpenSSL?

youtube detection failure

creating security policy to allow specif users to use applications web-browsing and SSL with destination any with using SSL decryption policy which decrypt all.

after this policy there is implicit deny .

the issue that palo alto cant` detect youtube ap

...

User-ID Agent

hello.... Can a User-ID Agent connect to more than one firewall?

if so, how do you set up the other ones?

Resolved! Active/Active & IPSec Trouble

After implementing HA Active/Active, we left S2S VPN tunnels alone. Ultimately no changes to IKE Gateways. The S2S terminate to a /30 address that is statically routed from the ISP to ethernet1/12 on the active-primary. Tunnel interfaces and their

...

Resolved! Port Channel to Cisco Switch

Hi,

I have Palo Alto 3020/5020 firewalls and I would like to configure a port channel (ether channel) between these devices and a Cisco switch.

I have configured an aggregate link on the Palo and added the interfaces. I have created the Port Channel on

...

enforce safe search

I created a rule for URL and tick the enforce safe search. When it enabled, if I want to do the google search, I have to log in my account and pick lock safe search. Otherwise, it will block me.

I think it is hard to use in my case, which is a scho

...

enforce safe search

I created a rule for URL and tick the enforce safe search. When it enabled, if I want to do the google search, I have to log in my account and pick lock safe search. Otherwise, it will block me.

I think it is hard to use in my case, which is a scho

...

Test PA-200 parrallel to current firewall

I received a PA-200 device for review and testing. I like to set it up besides my current firewall and see what it can filter.

Via SPAN Monitor on a Cisco switch I copy all traffic on the UNTRUST side to the PA-200. Now I get a lot of tcp-reject-non-s

...

Remote Management using Public IP (on different port)

Hi,

I have setup my device management to use the public ip. it's working fine but i want the management to be done using a different port. currently its using https(443). how can i configure this?

Please help.

Thank you.

Ampersand in API request

Hi, colleagues!

I have a "Custom URL Category" and I try to add new URL from API request but if URL have ampersand(&) I have a error: <response status="error" code="18"><msg><line>Malformed Request</line></msg></response>

PanOS: 5.0.8

Original URL: exam

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free