If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users.
In the past six
...
Is it possible to use a template variable in the PBFs next hop ip address field?
PBF variable
Using 9.0.11
Hello All,
I installed minemeld on aws instance, when I am trying to logging getting "Error checking credential: bad gateway". I checked Minemeld services and getting error as :
minemeld-engine FATAL Exited too quickly (process l
...
Hi Guys,
I am seeing a ton of "generic:<random-url>" hits in my threat logs under the spyware category for DNS queries from my email spam filter server out to the world. I have DNS security set up on the Palo so they are being sinkholed, but there ar
...
Hello Community,
I hope you will be kind enough to share your wisdom on the Minemeld performance tuning.
We are using Minemeld v.0.9.70 containerized instance, connected to the MISP containerized instance and QRadars (a bunch of them) via QRadar TI a
...
Just wondering what is best practice for this?
We have a /29 on our outside interface. We are using the IP assigned for client NAT translation.
Over the coming months we’ll be configuring several VPNs to the same cloud provider.
Should these terminate
...
I have a consultant who is asking if the Global Protect VPN would connect with an OpenVPN-based client? I suspect he is working from a Linux PC.
does Palo support it?
We have a Security Policy Rule with Application rabbitmq, and Service is application-default. In the same Security Policy Rule, we allowed the dependant applications amqp and SSL. When we test traffic, in the Traffic log, we see it matching the zones
...
Hi Guys,
Our company has recently made several acquisitions. All of them have non-palo alto firewalls. We will be migrating each of non-palo firewalls to our palos.
Now, for migrating the rules, we are using expedition.
But, some of them have overlapp
...
Does MM have the ability to remove HTTP:// and/or HTTPS:// from a list of URL's before creating the output file for EDL?
I have PAN running version 8.1.17 and it is configured with two DNS servers on the management interface, you know the usual, nothing special. I have security and NAT rule on the PAN firewall the uses FQDN.
Is there a way to detect when the PAN fail
...
Hi Community,
We wish to add a batch of users to the local database, I'm just wondering if anyone has had experience with scripting this or doing this in batch.
With the command "set shared local-user-database user testuser" it requires separate user
...
Hi everyone,
We have our PA Firewalls in different countries all around the globe.
Lets call them Country1, Country2. Country3 and so on.
All locations are connected to each other via S2S VPN.
We have Panorama in location Country1. And it manages firewa
...
Hi All,
I use PA-220's in HA pairs often, and I've always used a straight-through cable to connect port 7 and 8 from FW1 to port 7 and 8 on FW2. I've never had ANY issues with this configuration.
I just learned that PAN says to use a crossover cable
...
has anyone noticed that globalprotect portal allows a user to download the software without authentication? I'm running 5.0.4. Here's the exact link:
https://{IP/FQDN}/global-protect/getsoftwarepage.esp .
I am trying to access http://www.brokercheck.com from behind the PAN firewall via dynamic NAT without any success. I have other customers behind different PAN firewalls, regardless of PAN OS version, with the same issue access website http://www.bro
...
on:
Upload and Download QoS
on:
Mute the Music while on Hold
