General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! PanOS version number

Am I correct that the naming scheme is considered Major Version . Feature Release . Maintenance Release - hotfix?

8.1.6-h3

Resolved! Port used by the user id agent to talk to AD server

We have PA user id agent running on the windows server.

Need to confirm Port used by the User id agent to talk to AD for user to ip mappings

is this port tcp 5006?

where should i look for?

Packet Descriptors spike

Hi All,

I've been collecting and plotting CPU, Session, Packets Descriptors, Packets Per Second, as well as some other metrics. Once in a while I see a spike on the Packet Descriptor graph.

According to KB article How to Interpret: show running resourc

...

Resolved! 5220 data plane cpu utilization in GUI

Need to know on PA 5220 when we see DP utilization in GUI does it mean that it is average CPU of all the cores?

Resolved! PA-220 Issues with Routing between LANs (Layer 3)

Hello everyone!

I am brand new to Palo Altos and firewalls in general, so I'm sure I have made a couple obvious mistakes, but hope to learn. I have inherited a PA-220 that is now needed to be put in place between us and other connections (no interne

...

Reasons for Connections going to ssl decryption exclusion list

Need to know PA which reasons it consider to put session in ssl decryption exclusion list?

one I know is client cert authentication and cert pinning.

also if ssl handshake does not complete will PA put connection in exclusion list?

Feature Request : GlobalProtect Disable uninstall of agent from workstation

We need the ablity to disable the uninstall of the GlobalProtect agent from our corp laptops. As it is now our users can and will uninstall it.

Traps has this ablity but I cannot seem to find anywhere to secure GlobalProtect

GlobalProtect - How Are you Using?

We have had our Palo 3020 along with GlobalProtect for about a year now, and we continue to struggle with all sorts of GP issues. I'm curious to know how are you all using GlobalProtect?

One Issue - Our strategy was to use GlobalProtect as an Always-

...

Resolved! new panorama vesion 8 legacy adding disk

Hi,

newly deployed ESXi vm panorama 8.0.2

By default free space is 11gb this is ok.

Then trying to add a new disk for exmpla 150gb.

This is working with version 7.1 new panorama.

Can we also make this work with new deployed 8.0.x panorama (legacy mode)

...

Safe Search Issue

Transparent safe search is not enforced for networks which are using the PA box for DNS proxy.

I have enabled Safe Search tick in URL filtering. Still no go.

We have enforced with local DNS servers and that is working. However the interfaces using PA

...

PA-850 - how to protect

Hi

If I wanted to protect a PA850 from unknown devices connecting.

so 1 port to the local ISP.

6 ports for laptops to directly connect.

How / what is the best way to make sure only pre defined laptops can connect.

Mac filtering ??? Think that is easily

...

Resolved! IS it possible to delete the crashinfo file

when i run command

show system files

/var/cores/:
total 4.0K
drwxr-xr-x 2 root root 4.0K Jan 10 00:15 crashinfo

/var/cores/crashinfo:
total 0

/opt/var.dp2/cores/:
total 4.0K
drwxrwxrwx 2 root root 4.0K Jan 10 00:15 crashinfo

/opt/v

...

Resolved! Blocking punycode URLs

We have PA-820's and I have been looking for a way to leverage them to block punycode attacks. In fact, we'd be pretty OK with blocking punycode URLs altogether. I just haven't been able to puzzle out a way to do it. If I add xn--* to the URL filt

...

PA850 10gb sfp+

Hi

After connecting sfp+ 10gb - we are seeing high latency and high Packet Descriptors (almost 100)

any ideas?

We are using brand new Dell certified DAC cables:

DLCAB-SFP+10Gb

Configuration settings for Syslog forwarding in Palo Alto UTM

Hi Team,

We have integrated Palo Alto UTM v8.1 with LogRhythm. We have enabled syslog on UTM and we are receiving logs on LogRhythm.

The issue is not all the fields are getting captured in the logs (we verified this in raw logs received at LogRhythm)

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free