General Topics

Join Us in Welcoming LIVEcommunity's 2024-25 Cyber Elite Experts!

LIVEcommunity is pleased to announce the 2024-25 Cyber Elite Program!

LIVEcommunity's Cyber Elite Program recognizes community experts who demonstrate excellence in participation and contributions to other members and Palo Alto Networks customers

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

how to permit SSH access for certain IP addresses on PAN? They should be pingable and reachable too.

Please help me figure out how to allow SSH access for certain IP addresses on PAN firewall.

Thanks,

Roopa

SIP traffic being arbitrarily discarded

Hello Folks,

We are currently leveraging Cisco's IP Communicator platform to allow VOIP to our user via softphone. The scenario is as follows:

1. User logs into a ASA VPN gateway using Cisco Any connect, the ASA is located in an AWS environment.

2. Th

...

Custom miner, 'Commit Failed: unknown node class', no nodes.json file

Hi All,

I followed the same steps as in the ytexample guide.

https://github.com/PaloAltoNetworks/minemeld/wiki/How-To-Write-a-Simple-Miner

Including putting my class in:

/opt/minemeld/engine/0.9.68/lib/python2.7/site-packages/minemeld/ft

By the

...

PA-850 for a home lab

Hello everyone,

I'm looking to purchase a PA-850 for my home lab but after doing some research I have some concerns.

I was planning on buying an 850 on eBay then getting the lab PAN-PA-850-BND-LAB4 through a VAR but I think I will have issues. Based

...

User-ID Mappings Not Showing

Hi All,

As the title suggest, I'm not getting any local user-ip mappings from our Active Directory Domain Controllers.

if I do a "show user server-monitor state all" on the cli I can see the output below (I've removed the domain controller hostname a

...

Resolved! DNS Proxy

guys,

i wanna achieve dns proxy wherein my requirement is as follows:

1. i wanna use my internet browsing PCs to use palo alto defined DNS which will use our ADSL 100mbps connection for browsing.

2. secondly, my other critical PCs will use DNS from exis

...

Need a catalog to select Paloalto UTM for our clients based on there user count.

Resolved! active/active HA with layer3 sub-interfaces

Hi all,

Is active/active mode supported with Layer3 sub-interfaces? I'm trying this in a lab with 2 VM-50's, and whilst the cluster is formed, I seem to have intermittent packet loss; not sure if this is just a limitation of the VM series (in particu

...

Resolved! Cloud ADFS Support for Globalprotect

We wanted to confirm whether GlobalProtect supports SAML for Azure ADFS (Cloud Based)
Do we have any document that has the configuration steps for this infrastructure?

I am not able to find one

Resolved! Custom miner, class not found, no nodes.json file..?

Hi,

I have an issue where the class of my miner is not found.

I saw lmori posting that you need to add your new class to the nodes.json file, however that file does NOT exist.

Tried both cloud init image and an own ubuntu 14.04 server.

Tried my

...

GOOGLE SERVICES ARE NOT DECRYPTED WHEN ACCESSED FROM CHROME AND FIREFOX

SSL Decrypt is configured for all Google Services.
But when using the Chrome or firefox to launch any services provided by Google, the decryption doesn't work. and tried with blocking quic protocol nothing is working

Resolved! User showing unknow.

Dear Fox,

After 2 minutes not able to access the internal resource through Global protect VPN. While investigation I found the user is showing unknown (>show user ip-user-mapping ip x.x.x.x) Attached screenshots name"User-id-01".

using the local authe

...

Linux GlobalProtect pangpa.xml settings/options

I am testing the GlobalProtect on EL8 at my work.

Is there any documentation for Linux on stanza that can be added/modified in ~/.GlobalProtect/pangpa.xml?

Thanks.

User-ID Policies

Hi,

I have a few questions regarding policies using user-id for access.

When I select add, to add a source user into a policy I can start typing a name and it will give me a list of users with thoses names to add in, like a prepopulation.

Is there a l

...

LACP port is Flapping

LACP configure between PA and cisco switch

Active and Active mode and transmission rate: slow

======================================

LACP System log::::LACP interface ethernet1/19 moved out of AE-group ae2. Selection state Unselected(Link down)

l2ctrld

...

Discussions

Join Us in Welcoming LIVEcommunity's 2024-25 Cyber Elite Experts!

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

how to permit SSH access for certain IP addresses on PAN? They should be pingable and reachable too.

SIP traffic being arbitrarily discarded

Custom miner, 'Commit Failed: unknown node class', no nodes.json file

PA-850 for a home lab

User-ID Mappings Not Showing

Resolved! DNS Proxy

Need a catalog to select Paloalto UTM for our clients based on there user count.

Resolved! active/active HA with layer3 sub-interfaces

Resolved! Cloud ADFS Support for Globalprotect

Resolved! Custom miner, class not found, no nodes.json file..?

GOOGLE SERVICES ARE NOT DECRYPTED WHEN ACCESSED FROM CHROME AND FIREFOX

Resolved! User showing unknow.

Linux GlobalProtect pangpa.xml settings/options

User-ID Policies

LACP port is Flapping

Error 500 when attempting to login

URL Filtering - Predefined Category URL Listing

How do I transfer ownership of the superuser/domain administrator?

Automatically adding email DL to every CSP case and receive Palo advisory updates

Verify EDL is working after applying a Certificate Profile to the list

PAN-GPLimiter: Limit Concurrent GlobalProtect Sessions/Connections Per Unique User

Fuel Spark Event Discussion: Identity Management/Zero Trust and Quantum Security (August 22, 2024)

Re: Quick upgrade query

Re: How do I transfer ownership of the superuser/domain administrator?

Re: TERRIBLE GlobalProtect OSX mac application is SPAM

Unlock your full community experience!

Resolved! DNS Proxy

Resolved! active/active HA with layer3 sub-interfaces

Resolved! Cloud ADFS Support for Globalprotect

Resolved! Custom miner, class not found, no nodes.json file..?

Resolved! User showing unknow.