General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 79 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3327 Views
  • 2 replies
  • 14 Likes

Issue with UserId agent

Hi, 

 

We are having an issue connecting our UserID agent (version 7.x) with a DC in W2016. We have Userid agent version 7, we know that its not compatible useridagent 7.x with Windows server 2016, but we have several DCs in useridagent 7.x and one of

...

BigPalo by L4 Transporter
  • 2102 Views
  • 1 replies
  • 0 Likes

Resolved! MineMeld whitelist not working

Hello,

 

I have the problem that minemeld whitelists don't seem to work on our self-hosted minemeld version.

 

I have the following setup:removed miner names for privacy reasons

The wlDomeinAggregator contains a few domainnames, so they should be removed

...

Capture.PNG
folmer by L2 Linker
  • 2855 Views
  • 1 replies
  • 0 Likes

Upgrading HA setup in large steps

Hi,

I'm going to upgrade a PANOS 5.0.14 to version 7.1.

As I understand, the correct sequence is:
Update PAN-OS 5.0.14 to 7.1.x:
Download 6.0.0
Download + install latest 6.0.x release (reboot)
Download 6.1.0
Download+Install latest 6.1.x release (reboot)
Dow

...

Unrusted Cert Warning on IE

 

We have created SSL cert for the PA web gui from our internal CA.

When we access PA web gui via Chrome it is good.

 

When I use IE it get the cert untrusted cert warning message?

How can i fix this ?

MP18 by Cyber Elite
  • 2794 Views
  • 7 replies
  • 0 Likes

Odd duplicate ping issue. DUP

I have a strange issue.

 

I am setting up a new 850 HA pair A/P

 

To the outside world is a LACP Aggregate, connected to a HP switch. 

 

All was going well when testing, I can ping a dummy device (laptop) fine on the outside switch from the firewall.

 

But w

...

ms-remote-registry \ ms-local-user-management Not Detected

We have been testing detection of the msrpc applications and have noted that not all sub-apps seem to be properly detected.

 

Specifically, ms-remote-registry and ms-local-user-management are not firing when we generate this network traffic and are sti

...

apackard by L4 Transporter
  • 1859 Views
  • 0 replies
  • 0 Likes

Connection error in FS-ISAC Prototype

Hi all,

 

I'm trying to create a Minemeld miner to download FS-ISAC IOC feeds. I followed the configuration indicated in a previous post on this same topic (https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Prototype-for-FS-ISAC/td-p/159162). H

...

err.jpg

Do I need a NAT for traffic to pass??

I have an SD-WAN device at my internet edge that will be doing the NATing for the network. This is so that the device can decide which of 3 ISPs to use to forward traffic. My Palo Altos sit behind this device and will do the firewalling and URL filte

...

F5 failover connected behind PA

We have two F5 devices configured as active standby behind PA. The issue is on failover F5 failover ARP table on the PA is not updated quickly enough for smooth transition. Is there a way to mitigate this problem and increase ARP update time for that

...

raji_toor by L4 Transporter
  • 3217 Views
  • 3 replies
  • 0 Likes

Resolved! Block rogue VPN

I am seeing this in my system logs.

 

IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP 172.250.246.42[500].

 

How can I block this? I been a Cisco guy for a longtime and new to Palo Alto. On my old cisco

...

Panorama VM 8.1.5

Hi all,

 

just got this case, where the client shutdown the Panorama 8.1.5 for maintenance. But once reboot, and login to the device he will not see the ">". if he performs any commands there are outputs. But the prompt is missing. He reloaded the devi

...

Shadow by L2 Linker
  • 3638 Views
  • 2 replies
  • 0 Likes

NTP synchronization issue

Hi Team,

 

The primary NTP server toward Microsoft NTP Server(172.27.35.111) and also Configured the Cisco router(172.27.9.253) as secondary NTP Server. All the Network device is synchronized with secondary NTP server (172.27.9.253 ) but paloalto firew

...

  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels