General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! GlobalProtect iPad VPN App

We have many users getting a pop up readingThe Network connection is unreliable and GlobalProtect reconnected using an alternate method. You may experience slowness when accessing the internet or business applications. Anyone seen this and what maybe causing it? We have never had any issues with GP VPN on any devices for years now/ or since usin...

Renew firewall CA certificate and distribute with GPO

We have created on the firewall a Root CA which also signs the SSL Forward Trust certificate.The firewall Root CA certificate has been deployed with GPO to all our devices there Trusted Root Certificate Authorities.The root ca certificate on the firewall will almost expire and needs to be renewed, but what is the procedure?Select the certificate...

ZEBIT by L3 Networker
  • 3041 Views
  • 2 replies
  • 0 Likes

TAXII feed for SIEM

Hi, I have tried minemeld with few miners and output to the inbounfeedhc i.e. PAN EBL/DBL. It is worked as expected. I would like to push the data to SIEM so that i can perform log analysis based on the indicators. How can i use taxii? I have configured ET.compromisedIP and Dshield miners to send data to new aggregator with output to stllib.fe...

Sly_Cooper by L4 Transporter
  • 47483 Views
  • 53 replies
  • 1 Likes

Resolved! Wetransfer download site we.tl not seen as Wetransfer application

I have created a rule which allow the wetransfer (download and upload) application.But when a user receive an email to download a file the url is we.tl/random numbers.When the user clicks it the firewall doesn't see it as the application wetransfer-download but as category online storage and backup.Is this a bug in the Pan-OS and how can we solv...

ZEBIT by L3 Networker
  • 26205 Views
  • 9 replies
  • 0 Likes

Integrate AlientVault feeds into minemeld

I have been trying to add the alienvault otx feeds to minemeld and followed the steps mentioned in:https://live.paloaltonetworks.com/t5/MineMeld-Discussions/AlienVault-taxii-miner-versus-prebuilt-reputation-data-miner/td-p/157037 However, I get this error while polling:<urlopen error [Errno 1]_ssl.c:510: error:14077410:SSL routines:SSL23_GET_...

prateekj by L0 Member
  • 4290 Views
  • 2 replies
  • 0 Likes

Resolved! Twistlock Jenkins Plugin

Hello -I have Jenkins v2.291 installed. I'm trying to find the twistlock-jenkins-plugin. It installed on our old version of Jenkins. Can anyone point to a location I can download it from. From there I'll try manually installing it.Thanks.

johnca00 by L0 Member
  • 3322 Views
  • 1 replies
  • 0 Likes

Traffic diversion

Hello We have a customer who are running some oracle application in cloud . We have built a site to site vpn between our on prem PA 3200 towards the cloud . Traffic is flowing over this tunnel to and fro Now we have another company called company B and they also want to access our resources in oracle cloud . What could be solution ? do i have ...

SSL Decryption blocking the Google Drive Desktop

Good afternoon, We recently enabled SSL Decryption on our FW and seem to have broken our Google Drive Desktop. We can access Google Drive via web, but just can't access it via the Google Desktop file stream. Anyone experiencing this?

Resolved! No valid URL filtering license warnings on firewalls that are not supposed to have the license

I have several firewalls which use URL filtering and are licensed for it, and several that do not. In Panorama, all the firewalls that do not use it constantly have the Warning: If I click in to the details I see: . Warning: No valid threat content package exists. Warning: No valid Antivirus content package exists. vsys1. Warning: in vsys1, 3 w...

commit warning (2).png
Rich.H by L2 Linker
  • 7844 Views
  • 2 replies
  • 0 Likes

Resolved! Teams Traffic issue

Hello , for one of our customer , they are facing slowness issue with MS teams . they identified issue with the ISP provider link There is a Single Palo Alto gateway . The external interface is connected to a Switch ( L2) and the switch is further connected to Internet Router Now customer is planning to buy another ISP link ( high speed) . Re...

EDL Lists - Minemeld

I've made our Minemeld server publicly available and have provisioned a number of lists we use plus some that were part of the old PANWDBL server. You're free to use this server but please be aware that I don't provide any guarantees or warranties to the accuracy or reliability of the data published. Please remember that this service is provided...

ethiSEC by L2 Linker
  • 4278 Views
  • 2 replies
  • 5 Likes

Use Cloud Service (like Cloud Front subnets) in security policies

I would like to use, for example, CloudFront subnets (I 've about 50 of them) in Security Policies. I find this script https://github.com/chrisgoodwins/paloalto_add-addresses. Is there the way to use a single big static list without use many address objects grouped in a single address group ? Can I use Objects > Regions ? thanks

PA -220 Slow

Hi experts ,When I press commit on the Palo alto firewall It takes a long time around 5 or 7 minutes to complete this task, and Management CPU reached to full as a screenshot. It’s kinda made it really difficult to work on this device now. devise Model: PA-220Software Version: 9.1.8your advice is highly appreciated

YOOG887 by L1 Bithead
  • 4423 Views
  • 2 replies
  • 0 Likes

Resolved! Is it possible to turn off the Globalprotect HIP check report if HIP checks are not used?

Hello to All, From what I read even if the "Collect HIP Data" is turned off on the Globalprotect portal the HIP "hipreportcheck" message is still send by default every hour from the client workstation to the Globalprotect gateway as a keepalive option? https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/host-information/con...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels