General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Can an EDL be used in log searches and custom reports?

I'm interested in blocking inbound traffic from known TOR exit nodes. I have the EDL but want to see what the impact of this policy will be before enabling it, so I'd like to search the traffic logs or run a custom report using the EDL like an address group. Our 7050 (9.0.9h-1) doesn't like the EDL as a search term. Is there a way to do this?...

Resolved! test security-policy-match shows blank output instead of "No rule matched"

Hello to the community, First I'd like to thank everyone for contributing. The community is invaluable. I was wondering if anybody have any ideas why I always see this behavior? Reading through the discussions and doing my own research, I have seen it result showing "No rule matched" whereas my output is always just blank when no rule is matched...

Dedicated Log Collector interfaces

All, I am having trouble finding good documentation on this. Hoping maybe the community has experience with it. I need a few questions answered. We have 2 M600 dedicated log collectors. We plan on utilizing the 10 GB interfaces for Device Log Collection. That part is clear as spring water. The part that is very muddy Log Collector External Log F...

Administrative Install

I'm having trouble finding the correct administrative installation process. I have several field reps that do not have administrative rights to their laptops. I need to install GlobalProtect for them and have it pre-configured with proper certificates, portal addresses, etc. My certificates are self-generated by the firewalls, so are not trus...

Syslog - LFP options

Hi Guys We have PA with version 9.0.4 and have to configure Syslog server log forwarding on the same. Created (syslog) server profile..Now creating "Log Forwarding Profile" there are options "forward method" and "built-in-action" available there. which is not giving so much clarity what need to be configure there, Referred few articles available...

Converting a cluster to FIPS-CC?

Given all of the hurdles one has to go to to get a stand alone device converted to FIPS-CC, I'm told I have to do this on a cluster, so needless to say my anxiety is a bit on the "through the roof" side. Maybe I'm not looking hard enough, but I'm unable to find the steps for an active/passive cluster. I'm assuming someone has already done this,...

Globalprotect Download the system without activate PA

One of our customers wants to download GP client 5.1.3 in the system without activating in Paloalto,wants to test a new client before activating in production Paloalto. Is there any way to download i PA-220OS 8.1.15

UserID agent sessions to public IPs

Hi, We are detecting in Palo FW that there are sessions from UseriD-Agent servers to publics IPs. Our SOC confirmed that some of these public IPs are categorized like low reputation. Sessions are in port 135. I know the UserId agent uses this port but its reaching publics IPs.We have GP enabled, and there are also connections port 135 to the pub...

can we convert non saas application into saas application.

Hi Guys, Can we change manually a non saas application in saas applicationFor example, telegram does not come under saas application can we convert it manually into saas application.

Resolved! BGP "Router ID" and multiple peers

What exactly is the "Router ID" field used for in the BGP tab of Virtual Router configuration?I ask because I'm planning on announcing a /24 to two different ISPs/peers, and each ISP has its own /30 for the transit segment. So, if I make the router ID the IP address for one segment, it is incorrect for the other segment... or does "Router ID" n...

Converting a cluster to FIPS-CC

Given all of the hurdles one has to go to to get a stand alone device converted to FIPS-CC, I'm told I have to do this on a cluster, so needless to say my anxiety is a bit on the "through the roof" side. Maybe I'm not looking hard enough, but I'm unable to find the steps for an active/passive cluster. I'm assuming someone has already done this,...

Resolved! How do i setup a BGP inbound filter that allows only 1 AS

Been looking and googling and can't find it . so I have created a BGP import filter.attached to router group.But the match ... "AS Path Regular Expression" what do i put in there to limit it to 1 AS Find it hard to believe somebody hasn't done this. Also the doco ... sigh I'm thinking something like ^[^_]*$might work . not even sure is pa regex...

Resolved! Major flaw in Panorama: can't configure anything without a real firewall added!

1. Create a Template. Add some network interfaces and zones and related stuff to it. 2. Create a Device Group. Add some Address Objects to it, that you'll be referenceing in your Security/NAT Policies later. 3. Try to create a Security/NAT Policy ... and notice how none of your Zones are available! There's nothing in Panorama that links Tem...

Traffic Question

Hello everyone, I am seeing a strange issue that I haven't come across before and I'm not sure how to troubleshoot it. To make it as simple as I can, sometimes traffic going to a specific destination isn't using the defined OSPF route. So for example, the destination is 10.50.0.0/16 and OSPF is enabled on the virtual router using a specific t...

Correlation log subtype action always allowed?

Is the correlation log_subtype action always allowed? It creates a bit of confusion when the action on the actual event was blocked, but the correlation action shows allowed. Just looking for clarification.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Can an EDL be used in log searches and custom reports?

Resolved! test security-policy-match shows blank output instead of "No rule matched"

Dedicated Log Collector interfaces

Administrative Install

Syslog - LFP options

Converting a cluster to FIPS-CC?

Globalprotect Download the system without activate PA

UserID agent sessions to public IPs

can we convert non saas application into saas application.

Resolved! BGP "Router ID" and multiple peers

Converting a cluster to FIPS-CC

Resolved! How do i setup a BGP inbound filter that allows only 1 AS

Resolved! Major flaw in Panorama: can't configure anything without a real firewall added!

Traffic Question

Correlation log subtype action always allowed?

Failed to generate CSR Device Certificate - PA-520 -

How to request review of residual High-Risk rating when category dispute has been resolved?

PA-445 lost management access

HA Configuration Sync from PA-A to PA-B?

PA-445 setup on Mac

Re: Unable to activate Precision AI network security bundles license

How to get access to the knowledgebase articles (SSO Error)

Re: HA comments before configuration?

Re: show interface logs status by date

Re: About Active-Active on Vwire

Unlock your full community experience!

Resolved! test security-policy-match shows blank output instead of "No rule matched"

Resolved! BGP "Router ID" and multiple peers

Resolved! How do i setup a BGP inbound filter that allows only 1 AS

Resolved! Major flaw in Panorama: can't configure anything without a real firewall added!