General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! High Availability for Firewalls in diferent locations over Layer 3 network

Is it possible to configure high availability between Palo Alto VM series Firewalls that are located in different buildings over a network to connect both firewalls?

I have two VM-300 Firewalls that are Active/Pasive with Global Protect in the same p

...

Resolved! MP CPU is a lot higher in GUI than what CLI shows

We have a pair of PA-VM, vm300 in Azure. it's got 16vCPU and 65G of RAM. When I look at the "System Resources" in GUI, it is consistently above 85% and peaked to 100% from time to time.

In CLI, "show system resources" shows it's hardly doing anythi

...

SSL Inspection for Chromebooks

I was having some trouble with SSL decryption on my chromebooks and after a bit of Google searching I came across this Google article and I wanted to share with others since there was nothing like this in the community. If I didn't exclude these when

...

Palo Alto Networks Approved

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all,

Just wanted to post a message about the Hot Topic right now, which is Covid-19.

With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers,

...

Resolved! PBF is working, but I want to exclude GP

Hello everyone,

New here and fighting with my new PA-820.

I have 2 ISP's and I want to make the best use possible of those two.

So I created a PBF which reroutes HTTP and HTTPS traffic over the 2nd modem.

Now I have speeds over 350mbit/s for clients an

...

traffic drop for website for some time

im facing issue when accessing website which is hosted on cloud.i have created object of website and called in policy . this issue occurs when i have called object in destination and im trying to access website .

if i have access this website as dest

...

Resolved! Single DNS_Proxy Interface serving multiple networks

Hi Sirs/Mesdames,

I have a Paloalto with DNS-Proxy activated and serving the LAN interface, let's say: 10.0.0.1 (dns_proxy)

Is it possible to point clients from networks on interfaces/networks to use the same dns_proxy configure for LAN (10.0.0.1)

Ex

...

Resolved! PA upgradation from 9.1.4 to 9.1.9

Hello All,

Need my upgrade my PA 850 Series Firewall from 9.1.4 to 9.1.9. Is it supportable or can i do it directly without concerning about Content updates.

Please help.

Knowledge sharing: Troubleshooting and investigating full hard disk and full partitions (logs, config, root, etc.) issues on Palo Alto devices.

When the Palo Alto partition is full depending on which partition is full differen issues may happen. The Palo Alto versions like 9.1.x and newer have much less issues with disk space like the 8.1 version, so an upgrade to newer version may help in m

...

Destination Nat using ISP Pool address

Hello All,

Need to configure destination Nat with Nat Pool Provided by ISP. Below are the ip details :

182.72.150.0/30--Wan IP Pool

182.72.150.2/30--Configure at Palo Alto Interface

182.72.150.1/30--ISP gateway IP

182.80.48.176/29--Lan IP Pool Provide

...

IT configuration and change management

Hi, Could someone help me with info on implementing configuration and change management for PA firewall's deployed in a large organization .

Thanks

Resolved! ant to check logging rate and disk-utilization used in M200 for log types

We have configured collector group config with local log collector. All firewall's forwarding logs to collector, we can see log incoming rate in panorama for traffic , threat . But for URL , Wildfire and other types of logs logging rate is not showin

...

Content updates compatibility with firmware

Hello All,

PA 850 has been delivered at my office with firmware version 9.1.4 and my company has also purchased Threat Prevention, PAN DB Url Filtering & Wildfire Subscription license. Basically i need to upgrade my device to latest firmware of 10.0.

...

Problem with CDN and AVG Update

Hi

I have an issue about AVG and CDN. I used PA 220 with Details :

Software Version10.0.6Application Version8435-6846 (07/27/21)Threat Version8435-6846 (07/27/21)Antivirus Version3791-4302 (07/28/21)NetworkLayer 3

1. AVG Update

Regarding this issue,

...

Minemeld automatic updates required for future Azure Public IP changes and additions

We have a JSON file from the URL below which is updated weekly:

https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519

Ideally, we would like to pull a list of IPV4 IP addresses out from the section "name": "AzureIoTHub", which needs

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! High Availability for Firewalls in diferent locations over Layer 3 network

Resolved! MP CPU is a lot higher in GUI than what CLI shows

SSL Inspection for Chromebooks

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

Resolved! PBF is working, but I want to exclude GP

traffic drop for website for some time

Resolved! Single DNS_Proxy Interface serving multiple networks

Resolved! PA upgradation from 9.1.4 to 9.1.9

Knowledge sharing: Troubleshooting and investigating full hard disk and full partitions (logs, config, root, etc.) issues on Palo Alto devices.

Destination Nat using ISP Pool address

IT configuration and change management

Resolved! ant to check logging rate and disk-utilization used in M200 for log types

Content updates compatibility with firmware

Problem with CDN and AVG Update

Minemeld automatic updates required for future Azure Public IP changes and additions

FW Ha Cluster disconnected from Panorama

maximum number of bgp routes for VM-series

Flexible vCPU VM Firewall interfaces are down

Management and Dataplane on Vsys

Site flagged as GRAYWARE (PLEASE HELP!!!)

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Re: Alerts for dynamic updates

Bug Search Tool (New Feature & UI)

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! High Availability for Firewalls in diferent locations over Layer 3 network

Resolved! MP CPU is a lot higher in GUI than what CLI shows

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

Resolved! PBF is working, but I want to exclude GP

Resolved! Single DNS_Proxy Interface serving multiple networks

Resolved! PA upgradation from 9.1.4 to 9.1.9

Resolved! ant to check logging rate and disk-utilization used in M200 for log types