This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 218 Views
  • 0 replies
  • 0 Likes

Resolved! PAN-OS GP SSL Cipher Selection

PAN-OS 8.1 seems to lack the capability to perform fine-grained configuration of cipher suite selection and prioritization for GlobalProtect VPN functions.

 

I ran a fairly detailed SSL functionality assessment on a configured TLS v1.2-only GP gateway

...

Resolved! MS Autodiscover Flaw - Vulnerability

Hi All,

A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers

Domains that we need to block are listed here:

...

Qui by L2 Linker
  • 3722 Views
  • 4 replies
  • 0 Likes

Resolved! Template Variable IPv6

Hi All,

Does anyone know how to configure an IPv6 address as a template variable? As soon as I put a : in the CSV it throws a fit when importing it.

Thanks,

Kev

KevinJB by L1 Bithead
  • 2435 Views
  • 2 replies
  • 0 Likes

Resolved! Where to Write Security Policies with a Site-to-Site VPN

Hello,

We have a pair of 3200s on our main site, and have added an 820 at a remote site to bring up an IPSec tunnel between the two.

When I initially set the remote site up, I decided to have all the security policies controlling what access the remote

...

Does NAT64 works for inbound NAT

Currently we have configured inbound NAT for DMZ application which is on ipv4. Public ip used for it is  ipv4.

Due to some requirement client from outside network will be coming from ipv6 public ip to access the application. In this case our nat is no

...

Deepak25 by L3 Networker
  • 3965 Views
  • 3 replies
  • 0 Likes

Is my firewall hacked already ?

I have a PA3020 with 7.0.5-h2 PAN-os version.  I noticed that it have a lot of DNS traffic sent to strange IP address. 

when I running 

show system resources command. 

I found  strange process nginx and two syslog-ng there.  Is it normal, how to get rid

...

banny6 by L1 Bithead
  • 3502 Views
  • 5 replies
  • 0 Likes

Something aking to | sort | uniq -c | sort -nr

Like the title says, is there a way to run a filter for a period of time, pull out a list of IPs, sort them, remove the duplicates with a count, and sort them by most popular?

This is a common omegle thing to do with syslog data, say you have a very p

...

Jack45 by L1 Bithead
  • 1842 Views
  • 1 replies
  • 0 Likes

Allow redirect URL with decrytion on.

Hey guys one of my customer I not able to access the Redirecting URL's This Error display (err_http2_inadequate_transport_security)

I checked the logs the traffic  URL shows alert but the decryption is done.

We are able to Access the URL without decryp

...

3rd party managed minemeld feed to local

We have a service provider(SP) with authenticated minemeld feed and we want to pull feed from the SP minemeld which asks for authentication into our local minemeld instance, instead of directly into our firewall. How can we do that.

raji_toor by L4 Transporter
  • 2751 Views
  • 4 replies
  • 0 Likes

ALERT WHEN VPN DESTINATION STOP WORKING

Hi everybody

Currently  have a vpn connection to a remote site , and now we are transferring many info along the day

But sometimes connection closes and transfer interrupts

So we want to sent alerts when this connection o transfer interrupts to be able

...

  • 23615 Posts
  • 107 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks