General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1788 Views
  • 0 replies
  • 0 Likes

Global Protect Enforcement Bypass

Hi All,

 

I understand that this is a Microsoft related matter however I'm interested to see if anyone else has come across this issue.

 

With Global Protect Network Enforcement in place (through the Portal Config), it is still possible for local admins

...

Josh990 by L2 Linker
  • 7666 Views
  • 5 replies
  • 0 Likes

Configuration checks against CIS security benchmarks

Hello All, Do any of you compare local firewall or Panorama configurations against CIS benchmarks for security compliance checks ?

Either using an existing tool to check Firewall compliance with the CIS (Centre for Internet Security benchmarks) recomm

...

User-ID Agent 8.1 help needed

Hello.

 

AD integration using the User-ID agent.  We were on 8.0.7-2 and things were working fine.

 

I tried upgrading to version 8.1.0-66 and had several problems with wrong user-id being reported.  I saw in the release notes for 8.1:

• Since multiple us

...

dannon by L3 Networker
  • 5959 Views
  • 5 replies
  • 0 Likes

GlobalProtect issue with Enforcer Network Access

Hello,

 

We enabled a week ago the feature enforce network access on our environment.

We are using internal host resolution to detect if user is inside or outside corporate network.

In a random way, we're experiencing issue with users worldwide. We have

...

Block Psiphon App

Hi,

 

Is there any way to block this psiphon app? is it needed ssldecrypt?

This app uses many apps (ike,ssh,ssl) so we can not block them. How do you block this app psiphon?

BigPalo by L4 Transporter
  • 2827 Views
  • 2 replies
  • 0 Likes

Find disabled administrator accounts

Across a large environment, what would be the best way to audit Palo administrator accounts?  That is accounts found at Device > Administrators.

 

For various reasons we all end up with lots of AD accounts, service accounts and so on there, what I'd li

...

Ping log with 0 bytes sent

Hi Guys,

 

I noticed some strange logs on one of our 5200 firewalls.

There is device behind the firewall that is running constant ping to google dns, traffic is allowed and working normally.

I noticed a some logs that bytes sent is zero... I can explain

...

AlexanderAstardzhiev_0-1623937334598.png
AlexanderAstardzhiev_1-1623937505092.png

Deny PSiphon

Black Psiphon

Dear All, Psiphon was blocked for a long time but this week, we detect it has been working again. i have tried to block it again but without any result, it was blocked for 2 hours and working again after that. I have been checking the tr

...

Multicast, who accessed??

I have tested multicast to be working and is configured as in this diagram. In the logs I see traffic from SERVER zone to Multicast zone. But there is no log on INTERNAL client that accessed the multicast stream.

 

image.png
raji_toor by L4 Transporter
  • 3126 Views
  • 5 replies
  • 0 Likes

Resolved! New install of Minemeld: Timeout errors

I've been beating my head against the wall over the past week trying to get an instance of Minemeld to work on both Ubuntu Server 16.04 as well as within a Docker container running on Ubuntu Server 20.04 LTS.

 

I've followed the below guides verbatim

...

Cisco CAPWAP AP stuck in Discovery

Hi All,

 

Has anyone had problems with CAPWAP AP's separated from the WLC by a PA-220 firewall get stuck in a DISCOVERY OperationState?

 

>show capwap client rcb
AdminState : ADMIN_ENABLED
OperationState : DISCOVERY
Name : ***
SwVer : 8.5.151.0
HwVer : 1.0.0.

...

KevinJB by L1 Bithead
  • 13341 Views
  • 6 replies
  • 0 Likes
  • 24244 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels