General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Palo Alto Networks Approved

Traffic on udp/3478 (STUN) is been classified as 'unknown-udp' for MS-Teams app

Hello,

Most of our users are running Teams in a Office 365 on Windows laptops, from a network perspective it is just a connection on different ports to random hosts within 52.0.0.0/8 subnet.

The problem we have is with udp/3478 port, some portio

...

Resolved! Websites stopped working after update

Hello,

We have updated 10.2.6-h3 to 10.2.8-h3 earlier and recently to 10.2.10-h9 but in both times we had to do rollback to 10.2.6-h3 because our websites stopped working.

Everything else seemed to work except inbound traffic to these applications.

...

PA equivalent of ASA packet tracer?

One of the more useful features in troubleshooting on the PIX/ASA (which we used until recently) is the packet tracer, which allows us to enter source/destination IP/port, etc and check to see if a given connection is allowed or blocked, and by which

...

unable to access the firewall through both the GUI and CLI modes

I am unable to access the firewall through both the GUI and CLI modes, but the internet is functioning properly. The firewall gateway is located at 192.168.0.1, and it is reachable via ping.

Palo Alto Networks Approved

Resolved! Palo Alto password expires if you don't log in for a period of time

Hi if a admin user doesn't login for some time is it possible for the password to just expire ? Or could the account just automatically become locked out ? Is this such a thing ?

HA-Palo Alto with 2-Diffrent ISP

Dear Community

i have 2-PA configured as HA and need to be redundant for ISP,so i have interface from ISP-A and another one from ISP-B, and from internal service i have VM server that needs only one IP statically work with NAT and 2-Vsys,and using s

...

CVE in the “Vulnerability protection” profiles

Hi

We have a doubt about the inclusion of CVEs in the “Vulnerability Protection” profiles.

Currently [CVE-2025-0282][CVE-2025-0283] are not included in the list of signatures.

Is it possible to request Palo Alto to include them and is there a procedu

...

Panorama Error: Number of address group(x) exceeds platform capacity(x)

Hi All,

We onboarded the 1 pair of Palo Alto firewalls into panorama. It is successfully onboard. New Template stack pushed successfully to firewall. But the device group was failed with “Error: Number of address group(x) exceeds platform capacity(xx

...

Resolved! FTP Transfer BIOC

Hello Palo Alto LiveCommunity,

I’m currently working on a task where I need to create a custom BIOC (Behavioral Indicator of Compromise) and add it to a restriction profile to block FTP command lines. Specifically, I want to prevent FTP-related com

...