General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Resolved! How do I delete imported configurations from Panorama

On Panorama version 5.0.3, how can I delete "imported Panorama configuration" files?

Resolved! My first OS maintenance update

Hi, I have an HA active/passive pair of 3050's that are currently on OS 5.0.2. I have successfully downloaded and installed 5.0.9 on the passive unit. Do I need to suspend the active/primary unit before I install the update or will the installation automatically take care of that?I am a bit nervous because I am connected over VPN to the firewal...

GP client connected to internal GW - no user attached to IP address

Hello all,I was thinking that when a client is connected via GP to an internal Gateway, the user is mapped to the IP address of the client. In my case, that is not working. The zone in which the client resides has user-ID enabled, but still the traffic is not stamped with the user-ID.Can someone help me troubleshooting?Regards,Stephan van der Plas

Resolved! Limiting number of recipients allowed per Email message

Hi all,I am looking for a way to limit the number of receipients allowed (rcpt to:) in an email message (smtp). Anyone done this already ? Ideas ? Custom Signature with smtp-req-rcpt-argument-length ?Thanks for inputRoland

SNMP monitor parameters for Palo Alto

Hello,I have two PA500 with software version 5.0 and i would like to know if i can monitorize using SNMP (Nagios) the following parameters of my Palo Alto.- CPU Usage dataplane and management- memory- Current sessions- Hard disk space- State and use of interfacesAlso wanted to know if i could monitorize in Panorama these parameters:- CPU Usage-...

Resolved! schema verification failed (application-filter -> nim 'nim' is already in use)

Hi There,I am kind of stuck on a problem for which I am unable to find a resolution ...When I commit on my device after upgrading "Application and threats database" , I get an alert with the " application-filter -> nim 'nim' is already in use "But when I do a change back (revert to previous state of database 404-2015) it is OK! Any thought...

Resolved! Any known problems with 5.09 on PA500?

Hi,I´m still on 5.05 on my PA500.Are there any known problems with 5.09 or is it safe to update?Thanks for your comments.cu

Resolved! Active-Active Clustering

Hi,I have configured Active-Active Clustering with LAN Side ARP Load-balancing with shared IP and WAN side Floating IP. Everything is working fine but when i am going to Monitor to see traffic it says only one box is getting traffic. there is not traffic log for second box.What is Active-Active if Load is not sharing between two boxes.Hope anyon...

Run multiple local script commands in CLI

Hi,In my struggle to switch my captive portal rules on and off I want to run a script to achieve this. I use a .bat file containing the following line:c:\test\plink.exe -ssh 192.168.100.2 -l admin -pw mypassword -m c:\test\enable.txtThe file enable.txt contains the following lines:configureset rulebase captive-portal rules "My Captive Portal Ru...

Resolved! 10G link aggregation PA-5050 to Juniper EX4500 switches

Hi everyone,I'm having a bit of trouble configuring link aggregation between my PA-5050 and Juniper EX4500 switches over 10G interfaces. The problem seems to stem from the fact that the PA-5050 link-aggregation dialog gives two options for link speed: 1000 or Auto, whereas the EX4500 configuration requires a hardcoded 10G speed setting.How can ...

Resolved! Does anyone have Applipedia in an Excel Spreadsheet?

I am in the process of building an Internet Gateway policy and need to review the 1,791 applications and make a decision to allow or block each application.It would be really great if the application information was in an .xls (Category) (Subcategory) (Technology) (Risk) (Characteristic). Then I could add columns like (Aproved) (Global Policy) (...

Limitations in virtual wire mode?

Hello all,I've checked all docs and guides and did not find any documented limitations (such as features not available) when PA is deployed in virtual wire mode. Does this mean that ALL possible features are available both in routed and VWire mode?For example: if I deploy PA in VWire mode between the Internet router and a L3 Core switch with mul...

Resolved! Adding a Custom Application/Ports to Security Policy

Maybe my thought process is wrong so I am hoping somebody can set me straight. I have a few non-standard ports that need to be opened on the firewall. They don't belong to any application so I need to allow the ports. What I have done is created custom applications with basically just a name and the ports used (no signatures). I created an appli...

Resolved! Block IP address

Hello,Is there a way to block a specific IP address if you detect multiple threats coming from this IP? For example block an IP address after the detection of 5 threats coming from this IP within 1 minute.I know you can block an IP but only as an action after the detection of a specific threat.Kind regards

GlobalProtect Internal/External Network Detection Status

I have a firewall setup as a gateway/portal allowing users GlobalProtect client to prelogin and/or automatically log in when not on the corporate network. This is in the early testing stages and what I am noticing is the following. If I am on the internal network (determined by Internal Host Detection) and then switch to an external wireless c...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!