General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Question regarding SFP

Hi,

I have a quick question regarding the insertion of an SFP Module into a Palo Alto Networks 5050. I have a Finisar FTLX8571D3BCL SFP module that works fine in Ether Port 1/13 (i.e I get link state). From reading the vendor documentation for this

...

Netflow panos 4.1.0

I configured Netflow on OS 4.1.0,

for testing reasing i started with 2 interfaces...but in ManageEngine NetFlow Analyzer I get 3 interfaces!?!?

I tried to identify the interfaces but when I look on the traffic showing up then I'm pretty confused...the

...

Resolved! DMZ network configuration

We have installed PAN-2050 in my customer site.

It has been deployed with two L2 interface as vmwire.

And we made one L3 vlan interface for secondary IP.

There are 2 IP subnets. (192.168.10.0/24, 192.168.1.0/24)

One(192.168.10.0/24) is for user.

The other

...

Can I verify a config before doing a commit?

I was writing a rule to allow ciscovpn to only certain addresses, so I added a destination and the application I chose was ciscovpn. I added it to the policy and then did a commit. it came back with messages saying that ciscovpn needed ike to func

...

Resolved! AntiSpyware Response Page

Did the AntiSpyware Response page option go away in version 4.1.4? Seems like I tested with it and saw an option for an AntiSpyware page in eariler versions of 4.x, but I'm not seeing it listed as an option on the firewalls or in Panorama in 4.1.4.

FAIL TO PARSE SECURITY POLICIE

Hi guys

I`m having a big problem

When i try to commit my security policies show this erro.

Details:
· Error: Failed to find address '10.2.69.100 '

· Error: Unknown address '10.2.69.100 '

· Error: Failed to parse security policy

· (Module: device)

· Commit f

...

Resolved! Layer 3 Interface Trunk Configuration

Hi,

I am a new Palo Alto firewall user, however I have been working with firewalls for some time. I have a couple of quick questions;

1) Does the Palo Alto PAN-OS firewall have equivalent of the "shut" or "no shut" command to turn an interface on or

...

how to browse for adding specific AD group in LDAP authentication.

Hi..

Customer would like to use SSL VPN with Active-Directory.

So, I have configured SSL VPN with LDAP Authentication.

There was no problem to connect SSL VPN with LDAP Authentication.
after verify SSL VPN connection, I was going to add some specific

...

VPN Client -> Site IPSEC configuration

Hi,

Have you a documentation or a procedure describing how to setup a VPN Client to Site connexion in IPSEC (I am using a P200).

Regards

Boris

Resolved! PA-4000 Security and NAT "add rule" configuration limit

Is there information on Security and NAT "add rule" configuration limitations for the PA-4000 series?

Adding multiple IPs to external interface

I am interested in adding all of the IPs from a range like x.y.z.40/28 to the external interface of the PAN.

The verbiage on the GUI makes it sound as if I need to add each IP individually.

Can I add a range as listed above by entering it as x.y.z.40/

...

Resolved! URL logging without URL Filtering license

We are trying to log all URLs without having a URL Filtering license

For that we created a custom URL category containing

*.*

*.*.*

Seemed to work but when we compared the amount of log entries to the proxy logs we discovered that we only see less than h

...

CLI cmd to show system log

I'm trying to use the CLI to get a list of SSLVPN logins, but keep getting either "sytnax error at end of input" or "syntax error at AND" errors. what i've attempted so far is variation on:

show log system subtype equal sslvpn object equal "Test SSL-V

...

ThreatLog forwarding doesnt work

Hi All,

I have configured the PaloAlto to email me threatn logs for medium , high and critical alerts, but it seems to email me only medium threat alerts, how do i fix this 

Please find attached my log forwarding profile.

My email profile is configure

...

Combining NAT rules?

Whil my NAT rules are working fine I get the feeling I am missing something with net rules. I have an external ip which needs three ports forward to separate internal server: port 7000 goes to port 3389 on 192.168.1.1, port 7001 goes to port 389 on

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free