General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 658 Views
  • 0 replies
  • 0 Likes

Panorama 6.0

we recently integrated a PA-500 (4.1.10) into PANO 6.0 and we've started seeing OSPF flapping. Has anyone else experienced this issue? It looks like the Management cpu will spike up to 100% when communicating to the PANO and then we lose OSPF. This P

...

mjames by L0 Member
  • 1819 Views
  • 1 replies
  • 0 Likes

Global Protect Portal

Is there anyone out there running client VPN and managing it through the portal on PAN-OS 6.0.1?  I keep getting the error stating that I need a portal license.  I have the same setup on another Palo on version 5.0.8 and it is running without a licen

...

tsapp by Not applicable
  • 1661 Views
  • 1 replies
  • 0 Likes

Mcafee Application Object

Has anyone noticed the Mcafee Application Object is using the wrong ports, or do I have something wrong?

  • McAfee update protocol for distribution of signature/pattern updates. tcp/3025
  • Mcafee-update tcp/8801

These are all the ports Mcafee leverages (outs

...

CLI Scripting to implement missing commands

Hi,

in my opinion some commands are still missing in the PanOS CLI. I miss some features implemented in my conventional firewall to handle the policy rule  set efficiently.

Some other vendor has the possibility to use so called op-scripts in the CLI.

...

Unibw by L2 Linker
  • 3076 Views
  • 3 replies
  • 0 Likes

Best Way to use User-ID Agent.

Hey everyone,

I have been bashing my head onug how I can cleaninly use the USer-ID agent.. I wanted to stop WMI or event exclude internal vlans as I thoht it was used just for VPN. But its not its used to map source user info in the log files of the f

...

Zewwy by L3 Networker
  • 5952 Views
  • 8 replies
  • 0 Likes

Dynamic Block Lists and Spamhaus

Does anyone know if the Spamhaus format drop lists (that use ";" delimiters to denote descriptive text) are accepted as PA Dynamic Block lists?

http://www.spamhaus.org/drop/drop.txt

Rgds

apackard by L4 Transporter
  • 8541 Views
  • 5 replies
  • 0 Likes

user agent refresh

hi!

i was wondering what is the time frame for the user agent to "discover" newly added users or security groups, in an LDAP environment?

if such a timer exists - is it configurable?

can the agent be forced to update its database?

thnx!

Resolved! Dynamic Block List format clarification

I need some clarification on this great head start on Dynamic Block List format:

Working with External Block List (EBL) Formats and Limitations

I note that a few lists seem ready to use without re-formatting like:

http://rules.emergingthreats.net/fwrule

...

MCmgt by L2 Linker
  • 3710 Views
  • 1 replies
  • 0 Likes

Failover latency

Hello,

I have one question and I hope somebody will help me.

Does PaloAlto has a recommendation for failover link latency. For example I have firewall cluster and this cluster is done across wide area.  What max latency should be used for properly func

...

aaputis by L0 Member
  • 2634 Views
  • 2 replies
  • 0 Likes

Brightcloud Revision 4272 and *.googleapis.com

Just a heads up that revision 4272 of Brightcloud which installed on my PAN-500 overnight marks *.googleapis.com as spyware, so certain Google services will not load if you are blocking adware/spyware categories.  I reverted back to 4271 before I fig

...

  • 24112 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels