General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! IP - User mapping has stopped working

Hi all,

I'm having a IP-user mapping problem with my PA-500 unit running software version 3.1.8.

This unit is due to be upgraded shortly, but it would really be appreciated if anybody knew a way of resolving my issue without rebooting the unit please.

...

TS-Agent problem

Hi,

we ve got a problem with the TS Agent on out terminalserver. After some time the TS Agent doesnt submit new users to the PA Device or the users submitted have a form error. Nomally the syntax is domain\username, but when the error occurs all submi

...

Resolved! Selective Access to Facebook and Twitter

What's the best way to configure selective access to Facebook and Twitter (where some users have full access, while everyone else has no access).

The sources will be identified by IP address for right now (usernames later when I get to that).

So far,

...

Resolved! Management CPU ends up stuck on 100% after several commits

Hi,

we are on a 2050 4.1.2 and are seeing consistenly that the management CPU heads towards and gets stuck on 100% after a series of commits, re-boot is only way to fix.

Is there a way to deal with this without a re-boot as this drops all sessions for

...

Wildcard for URL White/black list?

Is it possible to wildcard a URL for whitelist/blacklist? The issue we run into is that we will whitelist www.cooldomain.com, but if the user goes to just cooldomain.com it blocks it. Vice versa if we just put whitelist cooldomain.com. So we end up

...

Windows live messenger disconnects constantly in virtual wire mode, even with the policies rules any to any allow

Is very strange, a have several PAN appliances in Firewall mode, and they working well, but in a couple of branches i have another PAN in virtual wire mode, and when inmediatly connects the appliance the windows live messenger disconnects and re con

...

Resolved! Logging of URL Categories in Security policy

All,

I have my normal URL Filtering rules setup as Policy and referenced in Profile of each rule. In those policies I have either alert or block set for each category or custom category. This works as expected, however I'm trying to setup some special

...

Resolved! User-ID Agent Losing Users

We've been running into an issue with our User-ID Agent where it seems to not have enough discovered users but its also losing them randomly as well. Running User ID Agent version 4.1.4-3, we have it pointed at 5 DCs and it is picking up around 1500

...

How to block transferring particular file extensions in Google Talk,.?

Hi All,.

Is it possible to block transferring files with particular file extensions ( eg,..pdf,dwg,dll) through Google Talk? I tried to do this but not succeeded. But in the file blocking profile the application "gtalk-file-trasfer" is there.

When i am

...

KeyWord Search

Hello

On our old firewall which was fortinet we could block keyword search in the web in google etc.

is there anyway to do this on Palo Alto?

Thanks

Darren

Data Filtering keywords

hello can you use data filtering as a block if a user types those words in google search? eg someone types football hits search but block due to the data filter? is this possible? mark

Resolved! How to block people who are trying to exploid vulnabillities for a period of time

Hello everyone,

Our PA's are using the thread prevention system which drops traffic that is trying to exploid vulnabillities, do DoS attacks etc.

All works very nice - but it's only affecting the attempt on an individual basis.

F. ex. - someone performs

...

Resolved! cannot put a interface to work

hello everybody,

I configured an interface, ethernet/5, with ip 192.168.230.1/29 and connected to a device with ip 192.168.230.3/29

Theres no way i can see each other, cannot ping PaloAlto from the other device and vice versa

Ive already changed cables,

...

Resolved! Interface or gateway monitoring

I'm looking for an option which will disable an interface if a remote gateway is not available.

This option exist for ipsec vpn (tunnel monitor) but I didn't find it for an L3 interface.

For exemple, I want to use an interface for outgoing traffic and

...

drop-reset application list

Hello,

I found this explanation about TCP REJECT today :

"The deny action used in a security policy will either ‘drop’ or ‘drop-reset’ based on the app being used in the policy.

For most browser-based apps, it is drop-reset - this prevents the browser f

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free