General Topics

MineMeld - Memory Leak or Redis needing configured?

Build: Followed the Azure 16.04 LTM instructions

Problem: Every 3-4 days after increasing to 4 CPU's and 16 GB Memory the memory seems to creep up to the point of borking the instance.

WorkAround: Every 3 days restart the engine.

Context: Curre

...

Resolved! Adding a 2nd ISP

I have been reading up and still trying to wrap my head around the exact setup I need.

Current ISP1 - use for all LAN traffic out including IP phones. Use global protect also. Have external DNS setup so remote.mydomain.com goes to this ip address. St

...

Resolved! Active Active HA3 Through EVPN/VXLAN

Have an Active/Active deployment, single firewall at each DC with EVPN/VXLAN through Juniper cores. Can we have the HA-3 link go through the core switches? We are using daa plane interfaces for HA-2, HA-2B, and HA-3. We have the vlans stretched acro

...

Resolved! L3 ARP entries

Hello Mr.

We need to make some mac address in Palo Alto L3 interface.

the question is that , How many manual arp entries can be added per single interface?

and because no document discussing it, I wanted to make sure if this works as an ARP

...

Shadow Rule Warning after upgrade

Hi All,

We have a customer who has upgraded to 9.0 and they get shadow rule warnings since the upgrade.

All the shadowing rules are more generic with any/any for source and destination, but with source user restrictions.

The shadowed rules have more

...

Saml IDP certificate.

Hi Team,

We need to integrate Saml With Global Protect .We have done the saml configuration in azure perfectly fine.We have exported the metadata file from azure and inported in PA NGFW successfully.We need to achieve through IDP certifcate but the i

...

Global protect client stuck on connecting

Hi All - Global protect client for a few users is stuck on connecting state, is anyone able to help me look into

P 865-T24627 Mar 05 07:15:48:180208 Info ( 495): Server is trusted ***.gpcloudservice.com(0.0.0.0)
P 865-T19203 Mar 05 07:15:48:445236 Inf

...

WildFire Analysis Exclusions? smbv3

Seeing a lot of false positives with WildFire for application ms-ds-smbv3, specifically for PE+MSDOCX files. Is there anyway to just exclude ONLY this application from our Wildfire? I'd really hate to have to create a 2nd WildFire Security Profile an

...

Resolved! Is there a way to limit the number of response or captive portal pages, generated by the L3svc process for 1 second?

Hello to ALL,

I have seen several cases where data plane overutilization may cause the managment plane to crash. In most cases I see the Devsrvr process to commit many times and to restart the L3svc process that uses I think it uses something like n

...

NMAP Scan, PA show open ports

Hello experts!

When I scan my firewall from the internet no matter what I try I still get this..

PORT STATE SERVICE REASON
53/tcp open domain syn-ack ttl 64
80/tcp open http syn-ack ttl 64
443/tcp open https syn-ack ttl 64
8080/tcp open http-proxy syn-a

...

Generate a Global Protect user report

hi there,

I have seen a few posts on this issue. but for some reason, I was unable to see the steps on how to do it.
I simply want to generate a daily report that will tell me how many users connected through global protect in the workday.
if someone ca

...

Resolved! Special NAT configuration. Asking about possibility

I have a working Hub & Spoke VPN network. Computers in Spoke1 can reach the computers in Spoke2 and vice versa.

For some reason, a particular device in Spoke2 with IP 172.16.200.62 can only be reached by the computers in the same subnet.

I want to kn

...

Resolved! GlobalProtect BSOD Windows 8.1

Installed the latest round of Windows (and driver) updates. 1-3 seconds after GlobalProtect connects, I get a BSOD and reboot. I've read through various memory dumps and it's always one of two issues.

pangps.exe -

IRQL_NOT_LESS_OR_EQUAL (a)

An attemp

...

Resolved! Firewall rules for palo alto to update the content (anti-virus,signature...

Hi, anyone can advise how to configure the firewall rule for palo alto to update its contents? Thanks in advance.

Multiple TAXII outputs within a single minemeld instance?

Hi,

If I have a configuration of 2 taxii outputs within a node, the output feed discovery service url for both taxii output nodes are the same, in this case, how do we differentiate them? Would authentication with Tags helps? Thanks!

Discussions