General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

SSH2 Login Attempt - ID 31914

Name:SSH2 Login AttemptID:31914Severity:Description:This alert indicates a login attempt against the target SSH server. If there are too many login attempts, then it may means an attack is try to brute-force user name and password.

I don't know who wr

...

Resolved! AD Policy

In Active Directory, we have a policy that requires all users to change their password every 90 days.. we have it configured to prompt within the last 15 days of expiring.. this is not happening for Global Protect users..the user gets stuck in a loop

...

connection interrupt

Hi,

An internal application is used for databese.It's default port is 5520

when we saw this behaviour we wrote an application override rule for that tcp port and named a new application.

after that we saw issue behaviour not changed(user is disconnectet

...

Destination NAT question

In this document is described how the NAT function at the Palo Alto.

https://live.paloaltonetworks.com/docs/DOC-1517

Has anything changed in the 5, in contrast to 4.1er?

So far, the destination NAT zone was generally on the incoming interface as the sou

...

Panorama 5.1.0 upgrade fails and VM cannot boot on VMware

Hi,

I have upgraded my Panorama residing on VMware using the web interface to 5.1.0 but it is not able boot now.

It is on VMware and it is continuously asking for a login with different names and after a while it reboots.

Any ideas?

Resolved! How to assign a specific IP for a SSL VPN user?

Does anyone have any idea how to assign a specific IP address to a SSL VPN user from the configured pool?

Resolved! Revert Panos

Hi,

when we revert to 5.0.5 from 5.1.0 using maintenance mode (Panorama)

will we lost all logs ? and config ?

Thanks.

GlobalProtect clients logged as PA MGMT

Looking through my logs today and I noticed that connections initiated by clients using GlobalProtect are being logged as sourcing from the PA management interface. Is this expected/intended behavior? Shouldn't the log show the clients IP address?

Resolved! What is minimum rights on WMI-user?

As far as I can see, a WMI-user has to have "Server Operators"-rights.

Is this the minimum rights?

BR. Soren

Resolved! Data pattern

HI all

I tried to created a data pattern with a regex like in the pan 205 training course.

(Classified)|(CLASSIFIED) and this seams to be not working.

and the workaround that I found is to create in the data pattern 2 pattern

first : Classified

second :

...

Resolved! qos link aggregation

Hi,

Any information about , this funtion will be supported in future releases ?

Strange URL request in botnet

Hi all,

This morning, spending some time on my palo report and in botnet report there is many alert concerning repeted request to "84.39.153.31/SpamResolverNG/SpamResolverNG.dll?DoNewRequest"

Does someone know what it is ? Is it part of Microsoft emai

...

Resolved! Migration from Netconnect to GlobalProtect

Hi,

We have a PaloAlto PA-2020 pair (active / passive) with PAN OS 4.0.14 and a lot of laptops with Netconnect installed.

As we have been experiencing problems with Windows 7 64 bits when installing Netconnect we have planned to update

PAN OS to the lat

...

Dns vulnerability

Hi,

is there a way to block

DNS Cache Poisining

DNS Server Spoofed Request Amplification DDoS

with Paloalto ?

Resolved! What timezone of release date for dynamic update?

Hello guys

As you know that PAN could show a release date of contents as below.

I wonder about above date is related timezone configured PA box or only US/Pacific time?

Thanks..

Regards.

Roh.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!