General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Integrate Captive Portal with ADFS using SAML Authentication

Another post regarding an additional method for gaining userID info for non-domain joined assets. There are lots of examples of using other idPs, but not much I could find regarding ADFS, so hope this is helpful for others looking for a similar opt

...

Resolved! Wildfire Blocking on Informational

On my PAN 3220 which is handling Global Protect I am seeing a lot of Wildfire activity where the verdict for these

file upload is benign, severity only informational but the action is to Block. Any insight as to what might be going on?

Resolved! Behaviour of A-URL subscription in PANOS 8.1

Hi all,

Knowing that PAN-DB URL4 license is no longer for sales since last Nov, we have renewed our subscription to A-URL now. After renewal, I can see my other WF, TP licenses have been renewed successfully in Device -> License, however, still showi

...

Resolved! Failed to Send Email Reports

Hi Team,

We have configured, Email Scheduler for the Daily report, We are tested the email severs communication and the email scheduler communication also fine.

But we are not receiving the report, We are receiving the below error in system logs,

"

...

Resolved! RA VPN - SAML testing without affecting production

Is there a way to test SAML authentication for Remote Access without affecting the production environment? In FortiGate I can create multiple independent portals and assign specific users/groups to the portals, but not sure if it is possible in PA. I

...

Destination NAT & port forwarding not working as expected

in a lab environment, i'm trying to test destination Nat & port forwarding, i mapped the port 80 to WEB-1 and 8080 to WEB-2.
while testing i can access only WEB-1.
i did another test where i mapped TCP 22 to WEB-2 and 2222 to WEB-1, i can SSH to WEB-2

...

Knowledge sharing: Globalprotect troubleshooting/investgation. Split tunnel,Globalprotect app/agent configuration options and etc. to solve issues

Hello to All,

Just as a note I have issues with my old community account, to this is why I am using new one for now (Edit: the issue is fixed but I will keep this article under this profile).

I had to use several options in the split tunel options

...

Resolved! JSON parser extractor name with a "-"

I have a JSON list (URL https://ip-ranges.cloud.signiant.com/MediaShuttle) with one part of the JSON path name containing a minus sign ("-"):

{ "us-east-1": { "all_ips": [ "3.83.158.71", "3.87.14.184", ...

CURL ERROR: bind failed with errno 97: Address family not supported by protocol

After the customer upgrades the Firewall to version 9.1.10, the following message appears in the System Log, which is not displayed any more.

CURL ERROR: bind failed with errno 97: Address family not supported by protocol

CURL ERROR: Operation timed

...

Microsoft always on VPN (Windows 10 clients) through Palo Alto

Hi All,

We have several Windows 10 clients (3rd Party but using our infrastructure) that need to transit through our PA-3260 to their home network via MS always on vpn. Unfortunately this does not work, we have a very open "any-any" rule in place for

...

PPPOE interface - dynamic IP - GP Portal

When establishing a connection via PPPOE there is no possibility to select the IP ("None") assigned by ISP in the Global Protect portal configuration, only the interface, which is not sufficient for it to work. I would expect that the IP assigned by

...

Bildschirmfoto 2019-01-18 um 00.17.31.png

Bildschirmfoto 2019-01-18 um 00.17.08.png

Resolved! PAN OS 8.1 support after March 1st 2022

Hi All,

I see that support for PAN OS 8.1 will end on March 1st 2022 for some Palo Alto platforms. On other Palo Alto platforms, PA-200, PA-500, PA-5000 series and M-100, support for PAN OS 8.1 will continue until their respective hardware EOL dates

...

Captive portal

Hi Team,

please confirm whether in pan-os 10.0 and later do we require SSL-Decryption for captive portal.

Is SSL-Decryption is mandatory for Captive portal.

How to see uesr-ip mapping in panorama GUI?

I know there is this CLI command "show user ip-user-mapping-mp all" to view all user-ip mapping Just wondering if this info is shown anywhere in GUI

Thanks,

Resolved! Guidance on swinging an Exchange 2016 On-Prem server from ASA to PA 820 (vWired currently)

Hello everyone, currently I've about 3 publicly available servers still running through an old ASA5510 that I would like to move to the PA 820 that we have. 2 of them will be easy as they're basically web servers but its the Exchange server that has

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Integrate Captive Portal with ADFS using SAML Authentication

Resolved! Wildfire Blocking on Informational

Resolved! Behaviour of A-URL subscription in PANOS 8.1

Resolved! Failed to Send Email Reports

Resolved! RA VPN - SAML testing without affecting production

Destination NAT & port forwarding not working as expected

Knowledge sharing: Globalprotect troubleshooting/investgation. Split tunnel,Globalprotect app/agent configuration options and etc. to solve issues

Resolved! JSON parser extractor name with a "-"

CURL ERROR: bind failed with errno 97: Address family not supported by protocol

Microsoft always on VPN (Windows 10 clients) through Palo Alto

PPPOE interface - dynamic IP - GP Portal

Resolved! PAN OS 8.1 support after March 1st 2022

Captive portal

How to see uesr-ip mapping in panorama GUI?

Resolved! Guidance on swinging an Exchange 2016 On-Prem server from ASA to PA 820 (vWired currently)

Client-to-Site IKEv2 IPSec without GlobalProtect

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Wildfire Blocking on Informational

Resolved! Behaviour of A-URL subscription in PANOS 8.1

Resolved! Failed to Send Email Reports

Resolved! RA VPN - SAML testing without affecting production

Resolved! JSON parser extractor name with a "-"

Resolved! PAN OS 8.1 support after March 1st 2022

Resolved! Guidance on swinging an Exchange 2016 On-Prem server from ASA to PA 820 (vWired currently)