General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Panorama and vm upgrade

Hello all! Im gonna upgrade Panorama + a bunch of vms from 10.1.0 to 10.2.x.

On the path up to 10.2.x, do i need to stop at 10.1.8 before upgrading to 10.2.x? Or can i just take a leap from 10.1 to 10.2?

Also, running Panorama at 10.2.2-h2 and vm's

...

Resolved! OS Upgrade from 10.0.10 to 10.1.6 U-Turn NAT Stopped Working

Hello,

Originally on our PA-3250's we used Source with Bi-Directional NAT and just added in the trusted zone(s) to the security policy for U-Turn NAT to work, and this worked flawlessly. Now we upgraded to 10.1.6 from 10.0.10 and it stopped working

...

QOS statistics cli

Hi,

Is there a way to see QOS statistics users tab for a class from cli ?

Thanks.

Downgrade Firewall from 10.0.0 to 9.1.1

Greeting Team!

I noticed some problems with a downgrade in my internal lab. So, some information: I want to downgrade from 10.1.7 to 9.1.1 (i need it for the experiment).

1st step i downgrade from 10.1.7 to 10.0.0, everything fine. But, when I want t

...

wharsapp block

I have blocked WhatsApp on my laptop but not blocking on my mobile. My laptop going to authenticate throw the Active directory.

Also, my mobile wifi going to authenticate throw the Active directory but on mobile WhatsApp not going to block please sug

...

Resolved! GLobal Protect Spit Tunnel not restricting domain/applications.

Due to the Void-19 situation and users having to work from home. My company want to reduce bandwidth Utilization by excluding Zoom traffic through global protect. the I.T team has decided to exclude zoom by configuring the "Exclude Client application

...

How to find ALL the links related to a website.

Looking for the better idea.

User reported xyz.com site is not working, When I look at the firewall logs xyz.com was allowed in firewall.

And I filtered the logs with source IP for 5mins time frame and found deny logs for particular IP address 1.1.1.

...

Resolved! QoS - Guaranteed bandwith

Hi Team!

I'd like to ask about QoS Guaranteed Egress, because I'm not sure I understand the topic well. (used devices PA-220 and VM-100)

Here's what I need to do:

My branch office bandwith is limited by the ISP to 30Mbit/sec (ethernet1/1 WAN in

...

Resolved! How to configure per-client certs on GlobalProtect?

NOTE: the freeware pfsense firewall can configure a working VPN with user passwords and user certs (2FA) inside of 20 MINUTES. With Palo Alto Networks, I'm on WEEK 6.

Where I am at:
1) I have GlobalProtect working with password auth. (Had to call tech

...

OID SNMP FAN AND POWER SUPPLY PAN 3220

hello friend, nice to meet you, I wanted to see if anyone knows if the PAN 3220 with Pan-OS 9.1 supports the OIDs to know the operating status of the power supply and the FAN

PAN-DB URL Filtering Categories list for PAN-OS 10.1.x

Does this document below apply to PAN-OS 10.x.x or just for <9.1

Where Can I Find a Complete List of PAN-DB URL Filtering Catego... - Knowledge Base - Palo Alto Networks

We are trying to block URLs on both 9.1.x & 10.1.x, but it seems there are U

...

Web GUI doesn't display any software versions

After installing a new PAN-OS and going to Device/Software tab, it's blank. Nothing there, not even the old PAN-OS. Any help is appreciated.

Want to allow specific file name file blocking

Hello Team,

Please let me know is there any way to allow particular file name .

Example:- I want to allow for all user that they can download test.txt but i want to block all other .txt file.

Resolved! ctd-agent-connection error

Dear Team,

The following error is occurring in the firewall

type : ctd-agent

severity : high

event : ctd-agent-connection

description : Failed to establish GRPC connection to service : failed to start grpc connection with address -----

I would

...

Paloalto cannot resolve specific FQDN through Nslookup & "fqdn refresh" is not working on CLI console

Hello all,
Our client company uses FQDN A and B that Nslookup the same IP, and the firewall has a DNS access policy applied with these FQDN.

Recently, the customer deleted the DNS of B, and if it is normal operation, it should be normal service with F

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free