General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

PA-200 reported throughput and actual download speed

Hi,

I have a PA-200 at home and am doing some tests with regard to the reported throughput speed using the "show system statistics session" command. To give an idea: I have a PA-200 sitting between my desktop computer and the internet, which is conne

...

Does the Link Aggregate work with HA Active/Active?

Hi, I would like to know this. is anyone ever config it ?

Thank you.

Howto read out ICMPv6 Token Bucket statistics?

Hi,

Would there be a way how to read the statistics about the usage of the ICMP IPv6 token-bucket?

Additionally what is the relation between token based rate limiting as a global device setting and the
ICMPv6 CPS rate limiting in on a per zone configu

...

Dual power supplies

Dear All,

We have more and more requests and complaints from prospective clients requesting dual power supplies on the PA 2xxx and upcoming 3xxx series. This is one of the first questions we get from many prospective clients, and the negative answer i

...

Resolved! Problem with certificate after upgrading GlobalProtect 1.1.7

Hi everyboy.

Up to now, I've had working a Globalprotect configuration, with only a Server Certificate, and it worked very well.

After upgrading to version 1.1.7, I've received the message: "The paloalto.xxxxx.es certificate is not signed by a trusted

...

File Blocking, save file locally

Hello,

With wildfire you can use a policy to send the files to the cloud, so that paloalto networks can analyze it.

Is there a possibility to send the file to a an internal ftp or to save on the device?

Thanks

Easily fooling App ID?

Recently I've seen some information posted on a forum and I was hoping someone could speak to this. Here is a quote:

"I work as a security auditor and I've come across them a few times. The "application" is http (web) which is allowed from the client

...

Default syslog string?

Would anyone by any chance know the "default" syslog string ie. with the parameters $path etc etc... Would be interesting to know to have something to start from instead of beginning, like now, clean...

Br, Christian

Resolved! Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto

Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto any one used it or have a copy ?

Resolved! How to include users directly belongs to OU (orgnisation unit) in include group option in LDAP group mapping for user id Agent,..?

Hi All,..

We have installed User ID agent 4.1.5 showing ip to user mapping or traffic, now we are looking to place a user based policies but in AD users are directly belong to OU which we cant add in the include group option in group mapping.. is der

...

Resolved! On device in policies not showing user names, but in user-id agent we are able to see ip to user mapping.

Hi All,

On device in policies not showing user names under the source user tab, but in user-id agent we are able to see ip to user mapping. PaloAlto device is connected to machine on which user-id agent has been installed. Is there any other configura

...

Resolved! 'infra-group: restarts exhausted, rebooting system' and Firewall REBOOTS random

Greetings Again,

Off late I have been hit with quite a few surprises after the release of version 4.1.x. Now this is the latest one that surprises me.

Over the last few months one of my customer's PA-2050 has randomly rebooted which obviously has a

...

Source user not shown in some logs

Hello,

I have developed a script that collects user-ip mapping from a wireless controller and send this info to User-ID Agent. All these looks fine because I can see the users in the User-ID Agent monitor table, but when I look traffic logs on Palo Al

...

Resolved! Anyone having issues with cacti after upgrade to 4.1.8

Grettings, just wondering if anyone else is having any issues with cacti after upgrading to 4.1.8. All my graphs stopped working even though cacti is able to quere snmp just fine. After I downgrade back to 4.1.7 everything is working fine again.

Th

...

Resolved! Responding to DMCA takedown requests

I'm a recent Cisco ASA convert. I'm in an academic environment so bittorrent (and P2P in general) is permitted. We get an occasional DMCA takedown request. Finding the culprit in the ASA world was pretty straightforward: grep the syslog for the NATed

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

PA-200 reported throughput and actual download speed

Does the Link Aggregate work with HA Active/Active?

Howto read out ICMPv6 Token Bucket statistics?

Dual power supplies

Resolved! Problem with certificate after upgrading GlobalProtect 1.1.7

File Blocking, save file locally

Easily fooling App ID?

Default syslog string?

Resolved! Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto

Resolved! How to include users directly belongs to OU (orgnisation unit) in include group option in LDAP group mapping for user id Agent,..?

Resolved! On device in policies not showing user names, but in user-id agent we are able to see ip to user mapping.

Resolved! 'infra-group: restarts exhausted, rebooting system' and Firewall REBOOTS random

Source user not shown in some logs

Resolved! Anyone having issues with cacti after upgrade to 4.1.8

Resolved! Responding to DMCA takedown requests

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

IKEV2 w Cert - Wildcard peer for DN does not work.

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Problem with certificate after upgrading GlobalProtect 1.1.7

Resolved! Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto

Resolved! How to include users directly belongs to OU (orgnisation unit) in include group option in LDAP group mapping for user id Agent,..?

Resolved! On device in policies not showing user names, but in user-id agent we are able to see ip to user mapping.

Resolved! 'infra-group: restarts exhausted, rebooting system' and Firewall REBOOTS random

Resolved! Anyone having issues with cacti after upgrade to 4.1.8

Resolved! Responding to DMCA takedown requests