General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

OID for check proxy

Hi team
We need a check check for the Palo Alto Firewalls that alerts in case of not having synchronization with the Proxy.

In case of not synchronization, alerts appear and can be viewed in: Monitor > System > '(subtype eq 'url-filtering') and !(seve

...

Cortex XSIAM API to get available custom fields in incident

We have an api to update an incident, in it we can also set values for the custom fields we created in the UI.

POST
https://api-<fqdn>/public_api/v1/incidents/update_incident

BODY
{
"request_data": {
"incident_id": "<incident_id>",
"update_data": {
"field_1

...

How to Audit whitelist URL

We have around 1,000 whitelist URLs in Palo Alto. How can we audit these URLs and determine which ones are active

Resolved! Disable email option completely for MFA

Hi all

Asking this again on general topic in a hope I could get a definitely answer...

Can we completely disable email as an option completely for PAN SSO?

Thanks

Tum

PA-200 upgrade steps

Hi All,

New to PA firewalls and have an old EOL PA-200 running PanOS5.0.6

I would like to upgrade to 8.1.26 but every upgrade attempt fails from the GUI or CLI

I downloaded PanOS 6.0.0 and 6.0.15 but it also fails requiring content version 401

...

Resolved! Advanced-routing ignores BGP local-pref

Troubleshooting a routing issue I've just discovered that the local preference isn't used for forwarding decisions when ECMP is enabled. Has anyone seen this before? I'm about to log a support case, but I thought I'd ask here in tandem.

What I see is

...

Resolved! Microsoft Self-Service Password Reset (SSPR) / GP VPN with User Authentication

Just wanted to share in case others run into this. My company has recently started to use Microsoft's SSPR process which is embedded into the Windows 10/11 OS.

Specifics on how it works here: Self-service password reset for Windows devices - Micr

...

Resolved! HTTP-Proxy allow or deny app

Hi Everyone,

I have a inbound rule in place fro my forward facing web-server and am tightning the policy down to only allow a few apps and a few default ports ssl and web-browsing

When i was looking at what traffic was hitting the rule, Isaw the follo

...

Resolved! How to filter policies by zone

Hi,

Is there anyway to filter the policies by zone? or other parameters? Is there any guide about this?

Thanks a lot.

GlobalProtect prelogon and internal gateway detection

I've been doing mixes of internal and external gateways with customer forever (I usually forget that "always-on" must be enabled for internal gateway detection to even be allowed in the first place).

I'm working on a pre-logon implementation that a

...

Screenshot 2025-03-06 at 11.26.49 AM.png

Screenshot 2025-03-06 at 11.23.39 AM.png

Best method to permit SAML auth and Radius for Globalprotect at the same time?

Greetings all, I hope you can help me.

I currently have Globalprotect set up on a single firewall - both portal and gateway. We're using Radius for authentication, it is working well.

We want to transition to SAML. For testing purposes, we'd like

...

REQUEST: Grace period for GlobalProtect patch checking

Problem:

Because of occasional issues with vendor patches, like MS had early this year, (see URL below), very few companies release patches/updates to clients or servers on the day of release. They test the updates first, then release them days or ev

...

Resolved! Site flagged as GRAYWARE Please Help!!

Hi, a site I am working on with a client is being flagged as Grayware. This is a landing page for a digital agency product and shouldn't be flagged. Can this be reclassified?

This is the domain: https://audiencexlerator.com/

Thanks in advance,

...

PROTIP: Factory Reset from MacOX

tl;dr use the command "cu" instead of "screen".

I have been trying to factory reset a PA-3200 for about 45 minutes. I am using a standard RJ-45 to DB9 serial cable with a USB serial adapter. Following the instructions I get to the step where I ha

...

DNS sinkhole

Hello everybody,

How many policy we need for block and review source of infected hosts?

One or two?

Internal dns is using but we can not see source of users.

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free