General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! APP-ID Doubt

hello community,

I have a question that I have not been able to solve with the study material and it keeps breaking my head.

Here it goes, when I generate an application-based security policy, for example from "trust" 10.xxx to "untrust" any
with app a

...

ServiceRoute

I have configured trust and untrust zone with respect to their interface.

I create policy of any any...my firewall internet only work when i configure service route and destination as outgoing interface,if i set it as default and select use managemen

...

Veteran Exam Voucher

Hi, I'm in the process of working on my Palo certification and saw that I could request an exam voucher on https://live.paloaltonetworks.com/t5/second-watch-articles/step-10-request-exam-voucher/ta-p/304454 but I have received no response from the f

...

Resolved! gp logs sync with the passive but with time difference!

Hello,

Logs should only be placed in the active node, however i am keep monitoring the globalprotect logs for 3 days and i am sure that the active node does not change, however the logs is still appears on both nodes each with different time.

Did som

...

Resolved! [API]PYTHON PANDEVICE - SET SECURITY PROFILE

Hi all,

I'm using PaloAlto's API for the first time.

My idea is the following:

- for each rule, I would like to apply a security profile based on the service setted.

Reading some docs online i wrote this pseudocode.

HOSTNAME = '192.168.55.10' API_KE...

Publish Custom ACC Tabs

I created a custom ACC tab with some filtered widgets and need to share it with some other users to monitor the network over the weekend. The users are not proficient with panorama, I basically want them to watch the tab I have created and call if X

...

PaloAlto Logs Issues

Having issues regarding the log.

cannot see any logs on the Palo alto firewall.

The changes: - we downgraded from Panos 10 to Panos 9.1.x since then we cannot see any logs.

Windows based user-ID agent not collecting mapping logs

Hi Team,

We have installed the windows based user id agent on domain controller and created service account with necessary privileges following below guidelines.

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/user-id/map-ip-addresses-to-u

...

Resolved! Changing Master Device - Panorama

We have recently gone through a firewall hardware upgrade, and the device that was replaced was our old "Master" device in Panorama. I would like to make the new device our "Master" device, but I am intimidated by the call-out "When you change the Ma

...

Getting Systems Alerts

Hello,

I am getting system alerts in my firewall below is the error:-

Disabled applications in vsys1: cip-ethernet-ip-disable-io cip-ethernet-ip-disable-sfc cip-ethernet-ip-enable-io cip-ethernet-ip-enable-sfc cip-ethernet-ip-read-mod-write cip-ethern

...

Resolved! Log Collector not receiving logs.

Hi All,

We have deployed 2xM200 Log collectors for log collection. They are registered on the panorama and show in-sync. I have done the collector-group settings. Now when I go to Panorama > Managed collector > the log collectors show disconnected st

...

Betternet VPN Lemon VPN blocking

Anyone know how to block these 2 apps?

Betternet VPN

https://www.betternet.co/

Lemon VPN

https://play.google.com/store/apps/details?id=org.lemonvpn.android&hl=en_US

We have a BYOD at our K-12 education schools, and students are bringing their own devic

...

How to check VPN counters for a specifc dest IP?

how to check IPSEC VPN counters in CLI for a specific destination IP address?

Peer is claiming the traffic is leaving their firewall but I don't see it on my pcaps and logs. How do I verify the traffic is actually passing through the VPN and hitting t

...

Resolved! Panorama

Just need to know is there a max size for a Panorama log file and if so what is that size, currently we are at 1.6TB and want to make sure we are not over the limit and into possible file corruption scenario

Hyper-V Compatibility issues

Hey,

I'm running a 3 Node S2D on Server 2019.

Currently migrating from VMware Hypervisors which has the Palo Alto running on it, instead of doing a Migration\Conversion i want to build a new server.

I'm trying to setup a Palo Alto VM-300 Series Virtu

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free