General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 14501 Views
  • 1 replies
  • 4 Likes

http://panwdbl.appspot.com - Not Working

Do you make use of the EDLs available here?

 

If you do you may have noticed they've disappeared, Google says the page doesn't exist.

 

You may want to look for alternatives if you're using these lists.

 

Jason

ethiSEC by L2 Linker
  • 3163 Views
  • 3 replies
  • 2 Likes

PBF for Guest Network

Hello, I'm trying to route all GUEST traffic on a PA firewall to ISP-2. I understand you can use PBF on the PA firewall to route based on source address. I don't have a lot of experience with PBF and have encountered a few issues when trying to imple

...

jocisneros_coe_1-1614805195327.png

Resolved! Application dependency Warning

Hello,

 

We implemented the blocking policy for the custom URL categories however now once committed we receive commit warning like the following:

 

Application 'dropbox-base' requires 'web-browsing' be allowed, but 'web-browsing' is denied in Rule 'outb

...

Farzana by L4 Transporter
  • 4999 Views
  • 6 replies
  • 0 Likes

BGP show Local RIB before Import filters

Hello,

 

After applying Import filters in BGP the Local RIB is reduced to a filtered set of routes advertised by peers.

 

However it seems to be impossible to see what the original set of advertised routes is. The peers are still advertising these routes

...

Resolved! Panwdbl.appspot.com unaccessible

Hi All,

 

Looked at my nodes today and it looks like https://panwdbl.appspot.com is down or decommissioned. Tried going to this URL and I get a 404 error? Has this page moved and I missed a notification, down for good or just an outage? Obviously imp

...

a.jones by L3 Networker
  • 10208 Views
  • 8 replies
  • 0 Likes

Failed to setup Local log collector on Panorama VM

Hi community,

 

I want to setup new panorama VM to replace old panorama M-100 and accept new devices.

I have deployed a vm on ESX with one disk of 81Gb and second disk of 2Tb.

Panorama running version 8.1.13,

you can see partial output of show system info

...

vmplayer_ih9AGwttKU.png

Mac OS Big Sur support

I have accidentally upgraded to Mac OS Big Sur, since then Global Protect app is not able to connect to VPN. 

 

Should I expect Global Protect to work on Big Sur already? Or is it on the way? 

 

Thanks

Resolved! Meraki and Palo side by side with Palo using BGP

We currently have this setup in our datacenter. The Meraki HA pair is the VPN endpoint for our 120+ remote sites.

 

In a DR situation the datacenter has IP mobility, where our current static IPs will failover. This setup uses BGP through the Palo. With

...

setup.jpg
Screenshot 2021-03-02 132554.jpg

Resolved! *Urgent* SSH Protocol Version 1

Hi Peeps,

I got technical query regarding how to change SSH v1 to SSH v2 in PA firewall, Because one of our customer got an alert from VAPT tool like as follows,.

 

 

Description :- 

 

KPMG test team observed that the Secure Shell protocol version 1 suppor

...

Minemeld Corruption

We have a MM instance running.  Three days ago a domain output has a corrupted output:

 

xmagesecurity.com

youpayme.info

zonejs.com

zupertech.com

�0�0�0�p�4�e�n�.�w�c�o�m�h�o�s�t�.�c�o�m�

�0�0�0�p�6�v�l�.�w�c�o�m�h�o�s�t�.�c�o�m�

�0�1�d�b�3�2�0�5�0�5�3�7�5�

...

Resolved! Data Filtering not sending to syslog

I've configured a data filtering profile and have been testing sending the data filtering detections to syslog, then to Sumologic. From what I've read, these detections are Threat Type, Data subtype in the logs. I have a log forwarding profile create

...

DZhang by L1 Bithead
  • 1368 Views
  • 3 replies
  • 0 Likes

Can PA log a address of spoof attack?

Hi all.

I wonder PA can log a IP and mac address of spoof attack such as ip spoof, arp spoof, dns query spoofing attack.

Sometimes, customer want to know above information from PA.

I think PA only drop a wrong packets. isn't it?

Thanks.

Regards.

Roh.

ttongfly by L3 Networker
  • 2517 Views
  • 5 replies
  • 0 Likes
Top Liked Authors