General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Block the Teamviewer connection from outside to a specific computer

Hello! Is it possible to block a user from using Teamviewer whether he or she is on a personal laptop or mobile device using the Teamviewer app to remote/connect to a specific computer inside the corp network? HR has asked to block any outside connec

...

Resolved! IPSec setup with certificate

what are the steps to configure certificate based IPSEC.

Do we have step by step document to configure OR the use of certificates for IPSec.

and what are the steps to troubleshoot Phase1 / 2 for the same?

Zone Protection Profiles

I need to configure a zone protection profile and assign this to our outside interface. However when i attach the zone protection profile to the zone in question users who connect via the global protect vpn client it seems to stop users connecting.
Ha

...

Terminal Services Agent allocates ports outside the defined port range

Hi,

I have the problem, that the Terminal Services Agent sometimes allocates ports to users that are out of their port range.

That leads to the usage of wrong security polices.

For example for one user I configured 22800-22999 as the port range.

That u

...

GlobalProtect not allowing internet access when Parallels or Docker are running

MacOS installed: macOS Sonoma 14.5 latest

GlobalProtect client installed: 6.0.7-372

Parallels Desktop: 18.2.0 (53488)

As the post title says, when Parallels or Docker are running, our GP isn't allowing network access (myself and others are having s

...

User-ID Agent Connected Status Shows Red

This is a PSA for anyone having issues connecting/ setting up the User-ID Agent program on a Windows server.

After installing the correct User-ID Agent from Paloalto's support site, you need to make sure you've set correct security/ access settings fo

...

Unable to add AD group to Group Include List

System logs showing error:

User Group Count of 'xxxx' Exceeds Threshold of 1000.

I am trying to shrink the group numbers by using specific user group.

Issues:

1. on Panorama template setting, there is no option to select the user group, pls refer t

...

After upgradation no traffic flow between DMZ to WAN

Hi Team,

I hope you are doing well.

One of our customers is attempting to upgrade their PAN-OS version from 11.0.4-h1 to a higher version, as the 11.0 version is nearing its end-of-life.

The issue encountered is that whenever we upgrade beyond

...

Error deleting custom URL categories?

I created a custom URL category and then tried to delete it and got this on the validate, any ideas please?

Operation Validate

Status Failed

Details member corp-blocking-exclusions is an invalid reference

Invalid block

Invalid url-filtering

...

Panorama and firewall upgrades schedule

Have a question related to the upgrades;

Can i schedule the Panorama software upgrade ?

Also , can i schedule the Managed firewall upgrades through Panorama ?

I see schedule option for App and threat updates but not for PanOS images

Resolved! User-ID from multiple sources - what takes precedence

Hi,

We are setting up user-ID with agents on member servers, checking domain controller event logs. We also run an internal globalprotect gateway.

With both active and potentially providing the same user-ip mapping, which one does the firewall user? th

...

Palo Alto Networks Approved

Resolved! User ID agent not starting.

I am setting up backup user-id agent 8.1.10-2 on Windows 2016 Standard server.

I have given all the required access to the user-id agent admin account but its not working / refusing to start.

I am using the same credential on existing UID agent 7.0.8-1

...

Error when renewing Certificate "Failed to read certificate"

Hello Bro,

Recently, I was trying to renew a certificate but I received the error "Failed to read certificate".

I have tried it like 4 times receiving the same error.

Tried by renewing the CA first or by the child first, both cases I re

...

SYSTEM ALERT : high : Number of hints on disk has exceeded 5000 due to log forward failures

Hello I receive many alerts with subject SYSTEM ALERT : high : Number of hints on disk has exceeded 5000 due to log forward failures. I do not have panorama (never did). Is there a way for these alerts to stop.

Below is the alert i received from emai

...

Certificate not valid

I am trying to setup Machine authentication, where it actually validates the machine certificate, I have a PKI infrastructure, that pushes certificates to the machines, with there name in Common Name, and SAN, of the machine hostname.

On they Certif

...