General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 520 Views
  • 1 replies
  • 4 Likes

nat64 error

Hello

 

I'm trying to do a NAT from ipv6 to ipv4.

On commit I have an error

 

"Nat64 needs an ipv4 in the rule for dest xlat"

 

Rule : from untrust to untrust , destination ip is ipv6 and translated address is ipv4 destination NAT

 

Thanks.

PanIst by L3 Networker
  • 2011 Views
  • 3 replies
  • 0 Likes

Download The Latest GlobalProtect Client?

I find not being able to download the latest client very frustrating.  I work from home several days a week and the company I work for, has just switched to globalprotect for their vpn requirements.

 

However on my companies client download page...

h

...

carterg by L2 Linker
  • 17567 Views
  • 15 replies
  • 0 Likes

DNS Resolution with global protect.

Dear All,

I am facing some issue with DNS resolution. below is the scenerio.

 

 

 

I have Global Protect VPN setup.
after connecting global protect, i will take RDP of some internal machine.
RDP will take by host name example:- system1.abc.com resolved by I

...

Jafar_Hussain_1-1617959764286.png
Jafar_Hussain_0-1617959726226.png
Jafar_Hussain_2-1617959892551.png

Packet capture drop stage shows production traffic

I have been troubleshooting a intermittent issue where a device that sits behind my Palo Alto running 10.0.0.3 is frequently losing it's connection for UDP port 2156 traffic.

 

Today I ran a packet capture on the PA using the "drop stage" while the con

...

VMware Horizon View via Load-Balancer

Hi All, First time posting here. We have a fairly large deployment of VMware Horizon View and we're recently migrated from our old firewalls (Fortigate) to Palo Alto and since then inbound connections to our View Platform at this site have stopped wo

...

licenses renewal

I'm in need to renew the licenses of a PA-220 LAB registered under my PA account and I need help from someone else that is not who sold this device to renew the licenses. I'm looking to buy the licenses renewal. Thanks
License PAN-PA-220-BND-LAB4-R
PA-

...

Resolved! dynamic external lists sources

Hello,

I am trying to use the Palo Alto Bulletproof, high Risk, and known malicious dynamic external lists. However, I can't add them because the sources aren't listed in the drop down menu of the "Add External Dynamic List" window.

 

 

I read that it us

...

nwnetadmin_0-1617919188682.png

FTP (SCP) Error

Finished generating reports. Please press enter to continue...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THA

...

NavidAlam by L3 Networker
  • 1738 Views
  • 3 replies
  • 0 Likes

Tips to block Yahoo Mail but not other parts of Yahoo

I wanted to make a post to the community to see what other people are doing about this issue.  We currently have a support case open with Palo for this and has been open for quite some time.  Long story short, users that have previously logged into a

...

tszafa by L0 Member
  • 1300 Views
  • 2 replies
  • 0 Likes

Resolved! Issue in HA link monitoring

Hi, 

 

ISP Primary>>Fortigate Active >> Paloalt Active

ISP Standby >>Fortigate Passive >> Paloalto Passive

 

we have  ISP  is connected with  FortiGate Active  Firewall and FortiGate which is directly connected with Paloalto  Active Firewall same as ISP s

...

Joshan_Lakhani_1-1617727170024.png

Resolved! Need to disable port 443 in WF-500

We are observing https port 443 open in private wildfire WF-500.

 

Please, share the command to disable the same.

 Also in Wildfire services, we have found only SNMP, ICMP and SSH.

Https service is not available, so as to disable it.

 

 

image (2).png
image (1).png

Github-allow access to specific repository

How do I block all Github but allow access to a specific repository? For eg. I want to allow https://github.com/cisagov and block all github using a single URL filtering policy. How can I do that? 

 

I added github.com/* to custom URL list and set it t

...

Miner for Google IP Address

Just in case anyone is looking for a miner to mine for Google IP address, here is a sample miner 

 

  • Google Services Miner

age_out
default: null
interval: 257
sudden_death: true
attributes
confidence: 100
share_level: green
type: IPv4
extractor prefixes[]
in

...

FabianB by L0 Member
  • 1849 Views
  • 2 replies
  • 1 Likes
Top Solution Authors
Top Liked Authors