Porting to Python 3

Hi all,

I was wondering if, given that the end of support for python 2 is scheduled for January 2020, is Minemeld porting in python 3 expected?

Thanks.

THREAT ALERT : high : 169.254.254.238 -> 169.254.255.255 Microsoft Windows NAT Helper DNS Query Denial of Service(31339) alert

Hello Team,

We got the below threat alert from the panorama and not able to understand the most of the part , like source and Destination . Both IP looks the outside my network but still its showing the rule: Outbound_Default_URL_IPS . One of my outbo

Cisco Policy Based VPN - ProxyID Query

Hi everyone,

I am receiving the below error on a Palo to Cisco policy-based VPN.

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id: 10.45.33.253/32 type IPv4_address

Generating SSL Decryption Forward Trust Cert for an HA Pair via Panorama?

I've successfully rolled out SSL Decryption on a bunch of non-HA firewalls via Panorama. Generating the .CSR, signing it with my CA, and then importing the .CER but I'm wondering if this is going to work with my HA Pair because I'm guessing that I'll

Router on a stick with VLANs

I have a single HPE 5400 that links to a PA-820. I have an untagged p2p VLAN on a Layer3 interface on the PA. I use this as the "MGMT/LAN" side. The HPE is doing routing for internal networks.

To add another VLAN, I tagged that same port on the switc

Export traffic logs in CSV

Hello All,

I have tried to export logs from firewall its reach limit up to 1048576 rows, this is only for 3hr logs can anyone have the option to filter logs or can we exceed this limit.?

proxy_arp_pvlan

Hi all,

I was dealing with a scenario recently which I eager to use the Palo Alto firewalls.

In my design, it is a must to use the feature which is called ARP alias in Cisco terms, and ARP publish in Juniper terms. In case of Linux as Palo Alto is usi

Azure Cloud IPs with Service Tags - REST API

I know there is a miner today for the Cloud IPs with Service Tags from a JSON file download.

There is also a REST API that could be used to pull this information, and would in a way work better than the existing JSON file, because you can split on lo

HIP Check licensing expired

I thought that HIP check licensing expiration (trial version), would cause any rules on the FW - using a HIP check profile column to not match.   Instead, it appears that it causes the firewall to simply not care about that column at all.... and allo