General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

How to route internet traffic through a tunnel interface

What's the best way to route all internet traffic (except IPSec VPN tunnels) through a IPSec VPN tunnel interface?

We want to have a single point where all internet traffic passes through and uses the same policies for web and applications.

Resolved! Panos 4.1 and new pan agent

Hİ

i tried panos 4.1 and new agent(4.1-0-43) with active directory domain (but a way agent successfuly connect to active directory domain and showing active directory users)...i have trouble panos 4.1 when pa box try to connect pan agent i see below

...

Resolved! Round Robin NAT?

Hello,

I'm running PANOS 4.0.11 and I'd like to be able to set NAT to round robin between 2 servers in the DMZ. We would have a single public IP round robin NAT'd to two internal IPs. Is this possible on 4.0? How would I accomplish this?

Thanks,

Ian

syslog from PAM OS 3.1 to 4.1

Hi,

I migrated our PAN FW from 3.1 to 4.1 and there is some more fields on TRAFFIC and THREAT syslog format.

With 3.1, using syslog-ng, I got:

Sep 27 00:00:35 giacometti-2 00: 00:35,0003C100873,TRAFFIC,end, etc ...

Since by defualt in 4.1 there is more f

...

Resolved! Software Upgrade Question

When upgrading from PanOS 4.1.6 to 4.1.7, will the device fail over without issue as it installs the new software or will I have to schedule an outage? Thanks in advance.

-Matt

incomplete

Hello,

I need urgent help. I dont know why but from one moment during the day is one website unreachable from our internal network(only this website). There was no change in configuration PA500, no changes in web server configuration. From outside of

...

Resolved! Commit not showing who did it in system log

Dears,

I have a serious issue, yesterday the internet became down suddenly, when i check the firewall, i find out their is big changes happened on the firewall without us knowing, no one have change anything, when i went to the system log to see the

...

Resolved! IPSEC VPN implementations

Hi this is one the sample output that i captured when i established a VPN tunnel between 2 PA firewalls.

As far as my knowledge goes Ike SA's are bi directional and IPSEC SA's are uni directional correct me if i am wrong.

But here i see 2 SA's in Phase

...

Resolved! Re: Upgrade Process Using Panorama

Hi do we need to activate the devices first time from Panorama is that mandatory?

I already activated the devices and now when i try to add auth codes for rest of the devices its not happening and throwing error saying auth code already used.

Can some

...

stunnel download triggering Virus/Win32.WGeneric.bpzq alert

Has anyone using a Palo had need to download stunnel and, if so, did it trigger a Virus alert for Virus/Win32.WGeneric.bpzq?

Would like to confirm that the download has not been compromised before I bypass this alert - and I'm assuming it's not just b

...

blocking traffic with User-Agent header, ie Mobile

We have a need to block mobile devices from getting to a particular host with active-sync, imap or pop3. From what I have read looking for and blocking traffic based on User-Agent is possible. Anyone ever do this with the PA ?

Thanks,

Justin

Resolved! UIA 4.1 - Monitor multiple domains

Hi,

Simple question, resulting from mixed messages I've received:

When using UIA 4.1 is it or is it not possible to monitor user/ip mappings for multiple domains (with trust between them) using a single User-ID agent?

Thanks.

Firemon

Hi all, I have just installed a firemon appliance and have added the palo alto firewalls.

they all seem to be pulling the configs but I see no change in the Audit log.

Also the Log Status is red on all of them (In Firemon)

Has anyone got this working?

I

...

Resolved! User Agent

Installed the user agent on a windows 2003 server. every time you try to start the service you get the windows box stating the service was started, but then stopped.

Resolved! Questions on Palo Alto safe practices

Hi i have a few outstanding questions on Palo Alto devices. We just migrated from Juniper to PA line. So these might sound silly for people who already are on PA line.

Do we have any primary and back up images on PA firewall . Just like in JUNOS if on

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free