General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Problem with multiple Netflow profiles

Hello,

I encounter a problem using multiple netflow profiles on our PA-500 running PAN-OS 4.1.8

I have defined 3 different neflow profiles, each refers to a specific port on the same host.

Each profile is assigned to exactly one physical layser 3 interf

...

Block page and SSL

Hey all,

So, we have a need to block everyone but a small AD group access to a couple pages. Now, we don't want to just "deny" them in the rule (we have a comfort page that promps them they are blocked and allows them to request access) - I don't wan

...

Resolved! What is hidden locally on a device when being managed by Panorama?

When you configure a PA device to be managed by Panorama the first thing that (when you login through web-gui directly to the managed device) goes away is the contents of running-config.xml regarding address objects and security policies.

These settin

...

Resolved! Application = insufficient-data?

We have some outgoing UDP traffic that shows up in the traffic log with "insufficient-data" in the application field. The problem is that this traffic is being allowed through the firewall because it's being matched to a rule that allows FTP traffic

...

Some of traffic logs are not converted,is it a bug ?

When upgrading from PAN-OS 4.0.9 to 4.1.7, some of traffic logs are not converted from the old logs.
It seems like the logs of about one hour before upgrading are unavailable. I am using PA-2050 and PA-5020.

Alternative to sAMAccountname ,when using Ldap for Authentication

Hi,

When we use to authenticate users through AD, we configure LDAP profile and in Authentication profile tab.

We write "sAMAccountname" for attribute at this window.We want to change this attribute and we want users not to log in with just username; W

...

Resolved! Panorama license limit

Does anyone know if a customer owns a Panorama 25 device license and wants to add device #26, will it not allow them to add the 26th device or will it?

Thx

Threat exception for selected hosts

Hi,

We have defined vulnerability group which consists of AV, Anti-Spyware and Vulnerability profile. The vulnerability profile is configured to block critical events and alert on high and med. I have a need to except few hosts which are alerting for

...

Resolved! 4.1.7 inspection causes corrupt download and speed issues

I have two 2050's in an HA pair A/P on 4.1.7. I have a BGP setup with 100Mbps on one link and 250Mbps on another, and Gb to the LAN and DMZ. I have transferred just over 3G through the PA in the last 60 minutes.

When I turn on inspection (Antiviru

...

Exclude iTunes/App Store from decryption

I am using SSL decryption for all outbound traffic. Prior to the decryption rule I have a rule to attempt to exclude iTunes and App Store traffic from decryption. The rule seems to be working, but the App Store fails with "NSURLErrorDomain error -10

...

Resolved! Panorama - AV and Threat version on individual device in one view?

Hi,

Is it possible to view AV and Threat version running on all devices under Panorama on one page? Panorama -> Managed Devices shows IP address, serial number etc. I would like to know if the similar option is available for AV and threat versions.

Resolved! easy question, routing problem

Hello,

I think it's an easy question, but I can't solve it.

This is the situation.

We have two routers.

Router 1 (bintec RT1202) has two ethernet interfaces with different subnets sub1 (172.16.10.0/24), sub2 (172.16.20.0/24).

Router 2 is our palo alto PA

...

Netconnect can't install normally,after update to Java 7update9

Hi all,

After update to java 7update9 , when i use sslvpn and install pan.jnlp,my install windows display was not normally.(error.png)

Client Use Win7 X64 have this issue.

WindosXP work normally.

Has anyone face this issue?

Regards,

Jim

Resolved! Can AD User Agent 5.0.0-22 be used with PanOS 4.1.x?

I have a large number of AD servers at remote locations all running AD User Agent 4.1.6-5. I do have problems with PanOS 4.1.7 talking to this user agent; it forgets who is signed onto a PC.

Can I install User Agent 5.0.0-22 on my AD servers and exp

...

Resolved! Panorama 4.1.8 LDAP Failure

Having upgraded our Panorama from 4.1.7 to 4.1.8 - we can no longer use the LDAP user authentication.

The user constantly gets "invalid username or password" (same message on the Panorama) - yet this worked without any problems with 4.1.7

On Panorama -

...

Discussions