General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! Upgrade Minemeld Ubuntu 16.04 to 18.04

I tried a do-release upgrade on Ubuntu 16.04 LTS and it took me to 18.04 LTS without issue. However minemeld says "Bad gateway" when I try to log into it. I tried to check for updates and figured maybe the source would be changed from xenial-mineme

...

Resolved! Syntax for security policies without security profile

Hi all, in my security policies on a PA-firewall (or in panorama) I want to be able to filter out all the security policies which have no security profile(s) .

I tried a few combinations in the line of (profile-setting/profiles eq 'none') but alas, n

...

How to check what zone a subnet belongs to?

Is there anyway to check what zone a subnet belongs in if there are multiple zones on the firewall?

Preferably through the GUI?

Resolved! Got error when creating Application object

Hi I am adding a Application object and got the below error message. Anyone can give a suggestion to resolve it? Thank you

macOS Big Sur 11.6.2 - Global Protect 5.2.8-23 - Connected but Internet is not actually working

Hello all,

I received from work a MacBook Pro with macOS Big Sur 11.6.2, I've installed the GlobalProtect 5.2.8-23 which is the only one that I had access to, and it seems like whenever I connect the GP, the connection is successful but there is no In

...

tcp ping from a firewall command line?

From the command line of a next generation firewall i can use 'ping host blah'. Does the CLI have a command to ping a destination via TCP? Or some other tool to do the same?

Blocking Torch browser

Hi All,

I would really appreciate if some one can help me on this.

I am planning to block Torch browser through a firewall rule, using App-ID. But as per information in the community we cannot entirely block the functionality of Torch browser using A

...

Resolved! How to check which PAN OS is compatible to my virtual hardware or Physical hardware ?

How to check which PAN OS is compatible to my virtual hardware or Physical hardware ?

I would like to know minimum hardware requirements for PAN OS versions 9.1,10.0,10.1.

Kindly let me know it for both Virtual and physical Panorama and firewalls

...

Log Forwarding

Hello everyone,

Before the question, the context.

I have a panorama wich managed a lot of devices groups. we have a lot of rules for them. Which all these rules uses the default profile for log forwarding.
I have a new syslog server and i need to forwa

...

Custom Vulnerability Signature to block older versions of Chrome

After reviewing this KB article:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClSOCA0

It looks like you can create custom vulnerability signatures for named browsers.

Could you also do that to limit browser access via a

...

Match next line at cli

Is there a way to match the next "X" number of lines when piping to match at the cli?

I am entering:

show zone-protection zone outside | match udp

and would like to show the matched line and the next three.

This would be analogous to grep -A 3

Cheers!

Zone protection profiles disadvantage or drawback

Hi All

Can anyone tell me the Zone protection profiles disadvantage or drawback

Resolved! Reconnaisance Protection - Action Alert

Hello,

I configured zone protection, (reconnaissance protection), and enabled the tcp\udp port scan and host sweep and chose the default as action "alert".

Afterwards, I noticed in the monitor logs this vulnerability appeared, "ZGrab Application Layer

...

Need example of Configure IPSec VPN with Source NAT

Hello,

I'm attempting to setup a few remote sites to a Hub site all sites have a Palo Alto 3260 firewall. All remote sites have the same internal IPs and subnets on the Trusted side and I'm needing to connect all sites using a IPSEC VPN. I would li

...

Issues when installing Cortex on Debian

Hello,

Currently, we are installing the Cortex XDR agent on Debian servers. We have followed the steps as the documentation says. But, when the services are gonna be started it shows an error:

"sbin/service: not found". All the services show "Stopp

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Upgrade Minemeld Ubuntu 16.04 to 18.04

Resolved! Syntax for security policies without security profile

How to check what zone a subnet belongs to?

Resolved! Got error when creating Application object

macOS Big Sur 11.6.2 - Global Protect 5.2.8-23 - Connected but Internet is not actually working

tcp ping from a firewall command line?

Blocking Torch browser

Resolved! How to check which PAN OS is compatible to my virtual hardware or Physical hardware ?

Log Forwarding

Custom Vulnerability Signature to block older versions of Chrome

Match next line at cli

Zone protection profiles disadvantage or drawback

Resolved! Reconnaisance Protection - Action Alert

Need example of Configure IPSec VPN with Source NAT

Issues when installing Cortex on Debian

Add Virus exception

Migrate model FW to virtualwith panorama for policies (recommended procedure)

Newly Registered Domains configuration

Panorama 11.1.8 supports Azure VM series Palo Altos

Task Manager taking few minutes to load (Slow)

Re: Virus/Win32.WGeneric.esuykr(752144200) via filename=msvcp140_2_app.dll

Re: Panorama 11.1.8 supports Azure VM series Palo Altos

Re: Newly Registered Domains configuration

Re: Changes to sinkhole?

Re: API error messages

Unlock your full community experience!

Resolved! Upgrade Minemeld Ubuntu 16.04 to 18.04

Resolved! Syntax for security policies without security profile

Resolved! Got error when creating Application object

Resolved! How to check which PAN OS is compatible to my virtual hardware or Physical hardware ?

Resolved! Reconnaisance Protection - Action Alert