General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Resolved! Panorama 9x - how to delete Child DG ObjectX if Parent ObjectX exists

In Panorama 9x (specifically 9.0.6) if `Object-X` exits in both the Parent DG and a Child DG - you cannot delete the Child DG `Object-X`. In the Child-DG, the "delete" button for that object is grayed out. In the Parent-DG the delete button is available. But we need to delete the more specific Child-DG object in order to only have the more gl...

Latest GlobalProtect host checker supported antivirus & firewalls list

Hi guys, I'm searching, if exists, a knowledge article or a PDF more recent than this one : https://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000D5kyAAC&field=Attachment_3__Body__sBecause it's for GP version 4 which is outdated (2018 according to PDF property tags) as we currently are in v5

How to configure HIP.

Hi team, ++ I want to configure HIP- Anti Malware with virus definition version.++ I see in HIP log for Definition version as 200729-4 but I am not able to configure the same in Virus definition option in HIP anti malware.++ I am not able to use any kind of characters and not more than 5digits.++ How do I configure this ?? Attached my HIP log. ...

Block all SSH outbound

For a home user who uses VPN to access internal network, how can we block all his SSH outbound connection to internet?

IPS is not detecting threats

Palo Alto has recently released signature for CVE-2020-3452. however when performing a POC, I cannot detect any threat. I am using link available to public use - https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../ but when tried, there is no threat being detected...

How to configure PAN-OS to email/alert me of potential attack?

So, you would think this would be an easy thing to learn and configure, however I can't seem to find the answer from any PA walk through, or through PA support. I'm simply looking to configure my PA-3020 (PAN-9.0.0), so that if a new threat is detected in the threat list, that I will be notified via email. I have already setup PDF summary, but...

Working remotely with Mitel MiVoice Connect, GlobalProtect, and Softphones?

Is anyone using Mitel Connect and Softphones in a remote work environment where the user has GlobalProtect? We are trying to get that to work. The only issue we have at the moment is that the microphone isnt working on the remote device. The user can hear the other person, but cant be heard. Its like the microphone traffic isnt going back up t...

Failover of IPSEC Tunnels from active to Passive Firewall

Hello, I have a setup of Two AWS_VM-Series_Palo Alto devices, which are acting as Standalone firewalls but as Primary and Secondary respectively on AWS. Due to some limitations, I cannot configure HA between them, however there is a tunnel connecting these two firewalls for manual traffic failover. Now I would like to setup tunnel monitoring and...

QoS_Rate-Limit_Guest Network_NAT query_Configuration example

could someone advise me to set rate-limit for guest(10.1.10.0/24) traffic in this topology I read the article that We need to apply policy on egress interface always. Hence, for upload, it's on outside interface connected to Internet and for download it is on inside interface (ae) connected to SW(1) Internet Speed 500 Mbps(2) Rate-limit for Gu...

Bypass video traffic exclusion

Hello, We have GP set up and one of the settings include "Exclude video traffic from the tunnel". However, we have come across an issue that private site for developers hosted in 10.0.0.0/8 network includes internally hosted videos (http-video app-id) needed for work. So when user tries to connect to website while connected to GlobalProtect, it ...

Resolved! How to forward the logs before yesterday to syslog server.

Hello,We were forwarding log from PA-5220 to syslog server.On July 2, 2020, our syslog server failed and it was unable to get most of the July 2020 logs.Now that the syslog server has been recovered, I want to forward the logs that from July 2, 2020 to today to syslog server.Is this possible...?Could you tell me how if possible?(Sorry for my poo...

Virus/Win32.WGeneric.akbori |

1) Why is this virus triggering in Palo Alto events and Palo detecting this & alerting ?2) How hashes are different, is there false positive. DetailsSourceMD5SHA-1SHA-256Virus/Win32.WGeneric.akbori(345886398)Paloaltoce27d52c7d1f59ad2c867e97339fa2122dda6a0bb6c587c0b8731c094d76187b80c866d137aa186c2e7ca3e3f22264da9744995252e131469a8261761ce2ae3...

Resolved! Students, using HTTPS now on Proxies

Hi, we have banned the http-proxy in school to stop them downloading and accessing sites they shouldn't, however they have now found using https based proxies bypasses this. What is my next possible solution in my ever on going war with students. Any advice / help much appreciated. Thanks in advance.Darren

Kernel panic on a PA-500 device ...

Hello,Anybody ran into such issue with a PA device ?"Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,2)"Then device goes into loop boots... No way to make it boot, even using the maintenance partition.Is there a way to use the front USB port to rescue ?Any idea ?Regards,Laurent

Almost maxing ssl decryption settings

Hi,We own a PA-2050 running version 5 of the pan os in a school.I have recently noticed that we are now approaching the ssl decryption limits of the device. i.e. 977/1024.Previously I didn't know that there was such a limit.What is the best method to reduce this number?ThanksWarwick

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Resolved! Panorama 9x - how to delete Child DG ObjectX if Parent ObjectX exists

Latest GlobalProtect host checker supported antivirus & firewalls list

How to configure HIP.

Block all SSH outbound

IPS is not detecting threats

How to configure PAN-OS to email/alert me of potential attack?

Working remotely with Mitel MiVoice Connect, GlobalProtect, and Softphones?

Failover of IPSEC Tunnels from active to Passive Firewall

QoS_Rate-Limit_Guest Network_NAT query_Configuration example

Bypass video traffic exclusion

Resolved! How to forward the logs before yesterday to syslog server.

Virus/Win32.WGeneric.akbori |

Resolved! Students, using HTTPS now on Proxies

Kernel panic on a PA-500 device ...

Almost maxing ssl decryption settings

BPA API Query Error

Support Down??? Unable to Open tickets.

Foward Trust Cert and MacBook Pro

Where can I find learning resources for PA net sec pro cert.

Change to Applipedia

Re: Beginner Question Best Way to Structure Policy Design in Palo Alto Firewalls

Re: First-time poster exploring best practices for security design in PAN-OS environments

Re: Beginner Question Understanding Basic NAT and Traffic Flow in Palo Alto Firewall

Re: Beginner Question Best Way to Structure Policy Design in Palo Alto Firewalls

Re: First-time poster exploring best practices for security design in PAN-OS environments

Unlock your full community experience!

Resolved! Panorama 9x - how to delete Child DG ObjectX if Parent ObjectX exists

Resolved! How to forward the logs before yesterday to syslog server.

Resolved! Students, using HTTPS now on Proxies