General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Resolved! Incorrect Rule Assignment UrlCategory Any

External ipaddress 23.35.182.93 is getting incorrectly mapped to a rule "Permit Intranet Sites".

The rule uses a Urlcategory for Intranet sites and the destination has trust/untrust zones with a negate on one specific destination address.

What might

...

Getting intermittent unknown UDP traffic logs

Hi All ,

I am having policy having application group and set services as application default .

Sometime policy is working fine but sometime its dropping packet and in logs showing application unknown UDP.

Could you please suggest any troubleshootin

...

HTTP Error 413: Request Entity Too Large

Hi there,

Our team is having an issue when blocking a list of IOCs using the minemeld-sync.py script found at https://live.paloaltonetworks.com/t5/minemeld-articles/uploading-list-of-indicators-to-minemeld/ta-p/162242.

We currently have around 10,000

...

Resolved! Fresh install on Ubuntu via apt won't login (ERROR CHECKING CREDENTIALS)

I've just followed the instructions (https://live.paloaltonetworks.com/t5/minemeld-articles/manually-install-minemeld-on-ubuntu-16-04/ta-p/253336) for setting up a fresh install of MineMeld on Ubuntu 16.04 LTS (on Azure, in this case). Followed ever

...

Resolved! can 2 interfaces have same security zone at the same time?

Will Firewall let me configure same security zone to 2 interfaces but make a decision to egress the traffic based on the route table?

TIA.

Resolved! Adding Routes via Windows

Hello, I'm attempting to add routes via cmd using the 'route' command but I'm encountering issues, none of my traffic is being passed by the gateway.

My intent is for a host (10.10.3.22 in this example) to egress out of R1 (10.10.3.250) to another ne

...

How to extend minemeld read timeout

We keep getting a read timeout error for a miner that fetches a list of urls from an API. Which is quite slow, it takes more than 20 seconds in postman. We would like to extend the period minemeld waits until data is received. Does anyone know how to

...

TCP Session Stuck and only manual clear of the session id solve the issue

Dear Community,

we are facing a strange behavior with a tcp flow that is meant to mount a volume on a linux server, from time to time, the session get stuck in the firewall causing an error while trying to mount the device, the topology is as follow:

...

Resolved! NTP server

hi guys,

i am lookin to config PA 5220 as a NTP server for my lan network, this whole network is completely off of internet.

is it possible to config if yes what are the steps.

I tried keeping the Primary and secondary NTP fields blank, but if want to

...

Resolved! HA config sync only manually possible: Commit not synchronized

Hey.

I enabled HA active-passive on a new 3220-pair. HA1a & b, HA 2 & HA backup are green and working fine so far. I can also do a manual sync, which works fine. In HA config i enabled config sync. The failover works fine too, as i tested it.

But it

...

BYOD Decryption

Has anyone been succesful in using decryption on a network where most computers are not on the domain? I am working at a school where all students are bringing their own devices so we cannot push decryption certificates through group policy.

Thank you

I can't see sufficient information on OpManager Dashboard

Hi everyone,yesterday we've installed OpManager in our company to monitor VPN Users of GlobalProtect,i've fully turned on everything on SNMP Side but somehow i can't see some of performance monitors like Active VPN Users,Active VPN SSL Tunnels,VPN Tu

...

WhatsApp Image 2020-03-20 at 10.45.28.jpeg

Web Security Gateway and PaloAlto NGFW

Hi If I have a palo alto firewall as a core firewall, should I still use a web gateway for internet access. I have all subscriptions.

Thanks

Resolved! dedicated HA interface

Hello, I would like to ask if there is some way to take a packet capture in ha dedicated interfaces I know how to do it in management interface and data plane interface but not found information about how to see the traffic in this interfaces, thak y

...

Resolved! Authentication issue

i have recently upgrade my firewall from 8.1.16 h3 to 8.1.13 h3. When the user connected with Global protect after sometime user is unable to access the application infect global protect show it's connected. when i saw in monitoring traffic it's sh

...