General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! OSPF - preventing Ext1 inter-area route redistribution

I am trying to minimize some router's routing table, in a multi-area OSPF setup. As you can see in the attached diagram, my PA firewall is an ABR. It's also the core router of the entire network, DR on each OSPF area with no BDR (it's an HA active/st

...

Resolved! Choosing user certificate when you have multiple such as multiple company VPNs

If a user has multiple user certificates, how can I ensure that the firewall chooses the correct one to use?

For example, a user might have a VPN to two different companies that both have PA firewalls.

I'd strongly prefer not having to have a separate

...

Avaya RTP UDP traffic dropped

Hi All

Trying to get a path working for an Avaya solution. I can see in the log that SIP traffic is flowing without issue. When the user tries to make a call I should see some UDP traffic within a specified range but I do not see it in the logs.

I hav

...

wild card certificate.

Dears,

i am using a wild card certificate for global protect. when i tried to connect global protect agent. i am facing the below issue:-

Certificate description:-

I have imported the wild card certificate that is sign by digicert.

firstly i have impor

...

several IKE Crypto Profiles on the same interface for SITE-to-SITE VPN

Hello dear colleagues,

according to the documentation, there is a limitation for IKE gateways:

All IKE gateways configured on the same interface or local IP address must use the same crypto
profile. (c)

The same restriction is mentioned in the PANOS v8

...

Where is 'dataplane-console-output.log' in PA-820?

Hi,

Sometimes I checked 'dataplane-console-output.log' in PA device.

But I did not found out 'dataplane-console-output.log' in PA-820.

Anybody know where is the above log in PA-820?

Panorama plugin for VMware vCenter

Hello Everyone,

I would like to use custom tags from VCenter in dynamic address groups. We are using VM information sources, but this method isn´t able to fetch these tags. It seems that VMware vCenter plugin can do this thing. Is it good idea to use

...

Dynamic Address Group (DAG) PAN-OS / DAGPusher prototype

Hi guys,

I'm trying to use the the DAGPusher prototype but, unhappily, I'm dealing with some problems. May be some of you could help me with it.

My scenario:

I use a generic miner to extract IPv4 (/32) from a specific location (that is working). The

...

How work App-id when trafic is not inspected

Good morning all,
I have a question regarding the relationship between Appid and Ssl Decryption. How can the Fw recognize an application when the traffic is not inspected?
Example user request https://www.youtube.com/watch?v=2zB2jiCxxuQ. What is the Fw

...

IPSec SA rekey failure

Hello,

I am not an expert on IPSec and its terminology, so I apologize if I write something inaccurate, but I try to do my best. I have an IPSec s2s tunnel between Palo Alto PA-220 and Mikrotik RB4011. The RB4011 is behind NAT so it initiates the conn

...

Traffic logs not shown the recent logs for particular source IP

Hi Guys

One of our customer facing issue that unable to see recent traffic logs for particular source and destination in gui. But we could see the live session on cli by the command "show session all filter source 192.168.x.X destination 172.17.X.X".

...

Issue with traffic on specific proxy id

We have VPN between Palo Alto and Cisco FMC/FTD.

There is user and server traffic on VPN. VPN status is stable. I don't have any user complaining about disconnection.

But I am seeing disconnection on specific proxyid. All of sudden I am getting ICMP re

...

Resolved! Way to see hardware type installed on 7080?

Is there somewhere in the GUI (or more likely a CLI command) that will show me the hardware type of the cards I have installed on my 7080? Specifically, I am trying to see if I have an SMC or SMC-B.

Thanks.

Resolved! Path Monitoring for Alerting Only

Hi,

I'm interested in using path monitoring for alerting. I'm aware that it can be used with PBF, static routes, HA, etc, but that's not quite what I'm after. I have BGP to manage that side of things.

I would like to monitor the path to the internet.

...