General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Do Management Port, Console Port use MP?

Hello~

PA Devices'plane divide MP, DP

MGT, Console Port, Dedicate HA1, and usb port connect to MP

and than the others port connect to DP

If RJ45 or SFP can be given mgt function or HA1 backup port

Doesn't that use dp resource?

If MP is worried Can HA1 Port

...

Treating & Blocking "incomplete" TCP traffic like a Brute Force?

Short question - can it be done?

Now, I know what "incomplete" entries are in the log - they are failed 3-way handshakes, or ones that completed with no additional data. The problem is that "incomplete" is not an application or vulnerability that I c

...

Monitor ISP with PA 3020

What is the method to monitor an ISP bandwidth usage through the palo alto firewall especially if you do not have google chrome?

Resolved! Optimizing a particular website

We have a website which all of our 500 users use daily. Our users do a lot of streaming (youtube, netflix, you name it). Depending on the user the "allow" rule for http, https and New-relic coudl be as much as 40+ rules down.

Would it be beneficial

...

Importing a Customized Captive Portal Response Page ... Uploading forever

Hi guys,

I´m trying to import in PanOS 4.1.11 a Customized Captive Portal Response Page and when I click on Import the result is a Dialog Box that says Please Wait and Uploading for ever and ever.

Can somebody tell me how can I import this customized r

...

Domain User Names not showing in Group-Mapping

This is driving me crazy and looking for some input...

I have the User-ID Agent installed on my single domain controller which is running fine and connected to the PAN on version 5. Using an example below (my domain is different), I've duplicated the

...

Resolved! Device administrator rights

Hi,

-

one stupid question: why "device administrator" can't load, export/import configuration (can only superuser)? In Setup -> Operations tab only setting is - validate candidate configuration.. If i create custom Admin role with all rights, in setu

...

Resolved! Tracking an infected computer

I got a notice from my ISP that we have a Conficker infected system (downadup) but I am coming up with nothing when I try to find it. The less than helpful info I recieve is the first octet of the target IP (38) and source port 61494, which map to h

...

Resolved! Can I create custom application with destination IP and TCP/UDP port?

Hello,

I know that FW can control application correctly when has L7 signature.

But my customer want to create application signature more simple and easy for internal trust server.

For example, There is 192.168.1.1 web-server. He want to create app "our-

...

Resolved! Replay pcap

Is there any way that I could feed a pcap into the firewall?

What I would like to do is take a pcap and run it through a monitor port to test out some rules and IDS settings. Right now my plan is to use tcpreplay, but I was curious if there was any

...

report custom

Hello

I'm looking for solution how to create custom report that shows login and logout of Global VPN users. In this report I need time of connection/disconnection IP login name and status (success or false) of connection.

Help me please

With regards

Lui

...

How can i add a new larger disk, keep the current log, and remove the old smaller disk when the logs have expired ?

Or do i just have to remove the old disk, add a new disk and forget the old log

...