General Topics

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Security Profile - Mass change - Is there an easy way?

I received a request to change the current security profile on 3,502 policies (spanning three VSYS) from a shared profile to a local profile. Is there a better way to do this than doing them individually through the GUI?

I don't even want to think ab

...

Resolved! AlienVault taxii miner versus prebuilt reputation data miner

AlientVault has the OTX with a taxii feed configuration which looks like it could be handy. However the miner for the alienvault reputation has a link which 404's. Does anyone have any idea if this overlaps?

Also the AlienVault taxii feed would req

...

Path Monitor... source IP must be within the same subnet as destination?

I'm trying to monitor the availability of one tunnel, to re-route the same destination traffic into a second tunnel. The other side can't do routing protocols right now--which would solve this easily. I hoped to find a non-manual way to fail over.

I

...

Allow techblog.netflix.com without allowing netflix-base?

Good day,

if you try to open http://techblog.netflix.com our PA currently recognize it as netflix-base.

Is there a way to declare it as normal web-browsing if they try to open the techblog page since we don´t want to allow netflix-base for our users?

...

Palo Alto - TCP Normalization

Hi !

We are migrating to Palo Alto from ASA Where ASA TCP normalization is enabled for option 28.

How we can achive the same in Palo Alto ?

Global Protect pass OpenVPN traffic?

We have deployed GP full tunnel VPN across the enterprise. We have some departments using OpenVPN,

My question is why can't users use OpenVPN without having to disable GP first.

thanks,

Resolved! Global Protect reboot notification

Is there any way to tell before installing an agent upgrade if the agent is going to want a restart or not?

URL Filtering Response Page

Hi All,

I have created a custom response page for a vsys but I need two of these within a VYS so they are served depending on the source IP address.

Example, if user comes from within 10.10.10.0/24 I want to serve a response page with policy details

...

Security Policy Actions- Vulnerability

Dear All,

Kindly help me understand below query -

We would like to configure Security Policy Action "Block IP" for Critical, High and Medium level Vulnerability signatures for 3600 sec. As per understanding traffic from source-destination pair; Conf

...

Resolved! Global Protect Windows 10 issues

Hi folks.

I'm running into an annoying issue with some Windows 10 workstations and Global Protect.

Global protect will install, and run for an unspecified (and variable) time on a given workstation. Connected, working, no problems.

After some period

...

Resolved! Wildfire WF-500. Commit job was not queued. All daemons are not available.

Hi all,

When i trry to commit this error appear:

I tried to restart the system but withous success.

Resolved! Implicit Applications with cotp/ms-rdp in security policies

Hello everyone,

Been testing some PA firewall functionality and noticed that ms-rdp has the implicit use of "cotp" defined, but the cotp application matches to a rule further down the policy list. When I review the logs, it looks like this

Am I misun

...

...

Discussions

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Security Profile - Mass change - Is there an easy way?

Resolved! AlienVault taxii miner versus prebuilt reputation data miner

Path Monitor... source IP must be within the same subnet as destination?

Allow techblog.netflix.com without allowing netflix-base?

Palo Alto - TCP Normalization

Global Protect pass OpenVPN traffic?

Resolved! Global Protect reboot notification

URL Filtering Response Page

Security Policy Actions- Vulnerability

Resolved! Global Protect Windows 10 issues

Resolved! Wildfire WF-500. Commit job was not queued. All daemons are not available.

Resolved! Implicit Applications with cotp/ms-rdp in security policies

Up gradation of PANOS 8.0 to 8.1

Resolved! is it advisable to have PAN UID agent and windows UID agent enabled on PA-5020?

Resolved! Pushing updates from Panorama to PA220 uses incorrect IP address

PAN OS REST API

SSL Decryption Auto Tag URL to No Longer Decrypt

UserID Agent version compatbility

Panorama will not upgrade as a stand alone.

ION CLoudGenix Devices Offline

Join Us For a Fuel Workshop on GlobalProtect Troubleshooting Techniques (APAC Region Sept 17-18)

Re: Issue with PA-1410 platform disk size

Re: How to get all EDL entries with XML api?

Re: Migrating from PA-5250 to PA-5410

Re: Migrating from PA-5250 to PA-5410

Unlock your full community experience!

Resolved! Security Profile - Mass change - Is there an easy way?

Resolved! AlienVault taxii miner versus prebuilt reputation data miner

Resolved! Global Protect reboot notification

Resolved! Global Protect Windows 10 issues

Resolved! Wildfire WF-500. Commit job was not queued. All daemons are not available.

Resolved! Implicit Applications with cotp/ms-rdp in security policies

Resolved! is it advisable to have PAN UID agent and windows UID agent enabled on PA-5020?

Resolved! Pushing updates from Panorama to PA220 uses incorrect IP address