General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Resolved! External Dyanmic List Issue

We are planning to feed our Firewall with new EDL. This EDL using client Authentication with SSL certificate. I already imported the CA and Intermediate Certificate and created Cert Profile. the issue is URL error access... I checked the traffic and

...

Wildfire categorizing as cat=THREAT but not sure why? How to update FPs?

Hi everyone,

Apologies in advance if this has been asked, but this is my first post re: Wildfire.

We receive e-mail alerts via our SIEM when something is categorized as malicious from our PA device, but I noticed that all that is listed within the pay

...

Resolved! Past PAN-OS version

Hi Community,

Is there a way to find out all the PAN-OS versions which were uploaded, installed and executed on a Palo Alto firewall in the past?

Guess this information is hidden somewhere on the TSF but have been unable to find where it´s stored.

Th

...

Resolved! Content Update Issue

Hello,

I am trying to update my OSS PA but am receiving an error of "failed to update content with following message encfilesize." I have tried different content versions and the result is the same. The contents are transferred to the PA via SCP.

...

Voice Call Signalling Issues - Hold, Transfer, Call Pick-up all randomly fail

At a handful of locations when someone calls in and the staff go to pick-up the call it does not pick-up and continues to ring on other phones in the office. When they place someone on hold, sometimes it does not come off hold and they call is droppe

...

Unencrypted HTTP basic authentication not flagged as a risk/threat?

I was doing a side-by-side comparison of various IDS/IPS sensors, including an inline Suricata sensor, as well as my PAN firewall. Suricata throws an alert if it detects that an HTTP Basic Authentication event crosses the sensor over an unencrypted c

...

Resolved! Rule exceptions based on the src & dst zones

Dear all,

Just wondering if there is a way to add exceptions to a rule based on the source and destination zone rather than the IPs itself?

Regards

Master Key Deployment from Panorama

Has anyone deployed a new master key from Panorama to an HA pair? Following the process at https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-firewalls/manage-the-master-key-from-panorama.html it doesn't mention anything about HA.

P

...

Resolved! How to disable config sync in a HA pair?

Hello,

I'am using to PAN devices in a HA pair, and i want to make some changes on one and not on the other before doing a switchover. Can i disable only config synchronisation and let all the other HA functionality up?

Regrds.

Panorama - logs displayed for some firewalls are almost 20 hours old

Panorama 9.1.2 VM

Both firewalls running 9.1.2 and forwarding logs to Panorama. For one firewall the logs in Panorama are current. For the other they are over 19 hours old for the traffic logs. There is a third firewall where Panorama shows logs m

...

certificate profile

Hi

I want to use/setup a certificate profile for use with an EDL.

The site - internal running minemeld. has multiple int CA.

So for the profile, do I add only the last int CA or all of them.

How does certificate profile work will it say okay if any cer

...

User ID to IP Mapping : limit

Dear Team,

Can i make Limit on User-ID to Map with only One IP address after configuring AD integration

Thanks

Resolved! Panorama receiving logs but not showing in GUI

As the title says, Panorama receives logs just fine but will not show them in the GUI.

I noticed this today. Disks shows unavailable in panorama but in the CLI they're fine.

Unable to send email alerts

I am trying to setup my PA to send email alerts, however when I try sending a test email I receive the following message "Failed to send email to gateway". I am using an SMTP relay server to relay emails from the PA to O-365. Does anyone have any re

...

Rule to allow access for group of IP addresses

New to PA. I'm looking to create a rule to temporarily allow access to any url for a group of IP's.

Discussions