General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Aged Out in allowed traffic logs

Hi All,

I have a doubt regarding aged-out feature in palo alto firewall.

We are getting logs with allowed traffic towards different ports like port 23, 1433 etc.

The device action is allow and in reason aged-out.

I want to know that whether the traffic

...

Resolved! What kind of files will reside in each partition in palo alto fw

I would like to know what kind of files will reside in below partitions in palo alto FW

/opt/pancfg

/opt/panrepo

/dev/shm

/cgroup

/opt/panlogs

SDWAN Zone Mapping

Trying to make sure I understand this correctly. For each zone to used within the SDWAN they must be mapped to the pre-defined SDWAN zones. For the following example would this be the correct method of mapping:

Pre-SDWAN zones (same zones at all si

...

Resolved! Can there be fallback authentication for GlobalProtect?

I ran into a scenario that rendered me useless remotely, and I'm wondering if I can configure secondary authentication for GlobalProtect...

I used GP to VPN in remotely. My GP is set up to authenticate through Active Directory, and it works fine. I

...

GlobalProtect agent download from direct URL

Hi everyone,

Do you know if it's possible to block the download of the globalprotect agent via the direct URL ?

The goal here is to force users to authenticate in the portal web page to be able to download the agent.

Ex. for the 64bit agent :

https://

...

can we allow sign in to webex only using defined company account ?

I have followed below article and tried to configure http header insertion in URL filtering profile , but still able to login using other company account.

https://help.webex.com/en-us/m0jby2/Configure-a-List-of-Allowed-Domains-to-Access-Webex-While-o

...

Resolved! Aged Out Traffic

Hi All,

Please help me on this.

If I am doing telnet from one server then telnet is working fine but in firewall I can see the traffic is aged out.
I need to know if any traffic is getting aged out, then it should not allow the traffic but how the tra

...

Web Management GUI-SSL/TLS - Palo Alto Firewalls HA Active-Passive

Certificate doubt for Web Management GUI-SSL/TLS - Palo Alto Firewalls HA Active-Passive

Good afternoon community,, I have an important question regarding the use of custom certificates for web-gui management.

I understand that there are configur

...

Resolved! How Palo alto APP ID functions to identify applications when it receives encrypted traffic ?

I would like to know how APP ID works when Palo alto firewall receives encrypted traffic but no ssl decryption is enabled.

Problems to upgrade the OS.

Using the http portal I´m trying to download the OS version.

I have installed the 9.0.5 version and trying to reach 10.1.10 h1. the problem is when I press check now to see the OS versions availables, does not appears nothing new, and in don´t t

...

Trying to block a computers ip address to social media in a security policy rule

I am adding the source ip address that is a computers address to deny social media on that computer using a security policy. I have tried to block my own computers ip address and was unsuccessful. Please help!

questions to advanced url filtering

Hi all,

I renewed licenses and bought the new adv url subscription which is already activated in my customer portal. However, my firewall still has the legacy url license active.

1) Do I need to import the adv url license manually? What happens to th

...

Resolved! Auto-commit failing: interfaces down, not able to force commit

We are struggling with the following error and Palo Alto TAC is not able to provide the proper support, they are just asking us to do an RMA or to factory reset, but the truth is that we are having the same issue in 2 different firewall clusters with

...