General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Need Upgrade Tips

I am planning to upgrade Panorama and my few HA clusters to version 9.0.6. Currently all these are on 9.0.3-h3.

Need your experience on 9.0.6 if anyone is already running on it. Is there any unknown issue/bug observed on this version?

I have completely

...

Resolved! SSL Inbound Decryption and Certificate with Wildcard mask

Hi Everyone,

Hope everyone is staying home and Safe.

I need to import the certificate and the private keys to the firewall from the web servers.

We have this certificate say

*.city.ca and this is associated with few websites like

maps.city.ca. or rec

...

Question about Service Route Configuration

I just inherited a PA-820 and know nothing about this device. It's unable to connect to the cloud for updates. Currently it's service route is set as the default (Management Interface). I was told by support to switch it to an untrusted interface

...

Cannot check for new Dynamic Updates

Hello, I have a PA-200, version 7.0.10 (I know, too old) I'm planning an upgrade to 8.1, but I understand that I have to download Dynamic Updates before upgrade, am I right? The issue is that I can't Check for Dynamic Updates, I've tried with Check N

...

Files' upload problems

Hi.

I'm searching for someone can help me.

My problem started when I tried to upload custom logo for the login page.
The upload fails becouse the process blocks itself and never ends.

I had the idea to try the "Import named configuration snapshot" functi

...

Denied traffic even though GlobalProtect HIP check passes?

Hi all,

I have a PA-3020 that is configured for GlobalProtect. All is good as far as being able to connect to the VPN, but once I am connected I find that I'm having issues connecting to servers that are permitted in security policy, but have the HIP

...

PA 820 to PA VM migration

we have implemented PA 820 in one of our client places now we are facing issues in hardware. We need to migrate the entire configuration to the PA VM series firewall.

Let us know the procedure to migrate the entire configuration from PA 820 to PA V

...

Global Protect with SAML Azure Authentication and disconnect tab on client

We have configured the global protect 5.0.6 with SAML Authentication.

It is same authen profile on both portal and gateway.

I have unchecked the authentication override on both portal and gateway.

Seems when i connect to the client and when i disconnec

...

Resolved! Management Interface Permitted IP Addresses & other devices

Hello all,

Our PAN-OS Management Interface Permitted IP Addresses (on both Panorama and firewalls, version 8.14) contain IPs for the firewalls and both members of the Panorama cluster. These weren't set up by me and I'm wondering if that's necessary

...

Exporting a list of Panorama managed devices with software version included

Does anyone know how to export, to csv, a list of all managed devices from Panorama?

Thanks,

Resolved! Traps Uninstallation Issue

I’m trying to install the latest version CortexXDR 7.02 however I’m unable to remove the previous Traps installation that is still shown in the registry files.

We are on current Traps agent 6.11.18549 and we can remove this successfully however unabl

...

Resolved! Phone calls random failing to connect at remote locations - Cisco Call Manager

We are in the process of converting over to Palo Alto firewalls at our remote locations from ASA firewalls. A few of our sites now are having some strange issues when attempting to make phone calls.We are a Cisco call manager shop.

Here is a basic se

...

Need to block WINSCP application but want to allow ssh

Hi Team

In sec policy I have allowed for some users only RDP and SSH application. But these users are able to use WINSCP application because WINSCP application also using port 22. I want to block winscp application but allow ssh application. How can

...

Resolved! SSL inbound inspection delay

hey all,

I've deployed SSL inbound inspection, connection gets really slow when SSL Inbound Inspection.
It takes almost one minute for the page to be loaded. Without SSL it takes 2 secs.

Would any of you have a clue what could be causing the problem?

...

Show A Warning Page When Loading A Block Website

Hey,

Is it possible to set up either a warning page or auto email to the specific user when trying to access a blocked site, currently it just doesn't load and wonder if I can set up a notification to the user that the following page is not allowed?

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free