General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Blocking Pacman on Google Doodle

We have been trying to block the following website to stop students at our school playing Pacman https://www.google.co.uk/search?hl=en&site=webhp&source=hp&q=pacman&oq=pac&gs_l=hp.1.0.0l3j0i131k1j0l6.965.1399.0.3543.3.3.0.0.0.0.32.89.3.3.0....0...1.

...

Active/Passive Firewalls w/Different ISP Default Routes

I have two PA 5220s running active/passive and HA but connecting to dual ISPs. In a failover situation the passive firewall would assume the active firewalls default route but physically has a connection to the backup ISPs gateway not the active ISPs

...

Resolved! Newbie in need of help: Forwarding traffic logs to a syslog server

Hi community,

I need to forward all traffic and threat logs to a log collector.

I understand most of the process except the security policy part.

Once I create a syslog server profile and then a log forwarding profile, I then need to use that log for

...

Active sessions across inactive vwire

Just curious about what I'm seeing. I have two interfaces that are in a vwire. The switch interfaces which go to the the FW were shut down last week yet looking on the firewall, I see that there are still active sessions which show these two interfa

...

Resolved! Incorrect Rule Assignment UrlCategory Any

External ipaddress 23.35.182.93 is getting incorrectly mapped to a rule "Permit Intranet Sites".

The rule uses a Urlcategory for Intranet sites and the destination has trust/untrust zones with a negate on one specific destination address.

What might

...

Getting intermittent unknown UDP traffic logs

Hi All ,

I am having policy having application group and set services as application default .

Sometime policy is working fine but sometime its dropping packet and in logs showing application unknown UDP.

Could you please suggest any troubleshootin

...

Resolved! Fresh install on Ubuntu via apt won't login (ERROR CHECKING CREDENTIALS)

I've just followed the instructions (https://live.paloaltonetworks.com/t5/minemeld-articles/manually-install-minemeld-on-ubuntu-16-04/ta-p/253336) for setting up a fresh install of MineMeld on Ubuntu 16.04 LTS (on Azure, in this case). Followed ever

...

Resolved! can 2 interfaces have same security zone at the same time?

Will Firewall let me configure same security zone to 2 interfaces but make a decision to egress the traffic based on the route table?

TIA.

Resolved! Adding Routes via Windows

Hello, I'm attempting to add routes via cmd using the 'route' command but I'm encountering issues, none of my traffic is being passed by the gateway.

My intent is for a host (10.10.3.22 in this example) to egress out of R1 (10.10.3.250) to another ne

...

TCP Session Stuck and only manual clear of the session id solve the issue

Dear Community,

we are facing a strange behavior with a tcp flow that is meant to mount a volume on a linux server, from time to time, the session get stuck in the firewall causing an error while trying to mount the device, the topology is as follow:

...

Resolved! NTP server

hi guys,

i am lookin to config PA 5220 as a NTP server for my lan network, this whole network is completely off of internet.

is it possible to config if yes what are the steps.

I tried keeping the Primary and secondary NTP fields blank, but if want to

...

Resolved! HA config sync only manually possible: Commit not synchronized

Hey.

I enabled HA active-passive on a new 3220-pair. HA1a & b, HA 2 & HA backup are green and working fine so far. I can also do a manual sync, which works fine. In HA config i enabled config sync. The failover works fine too, as i tested it.

But it

...