General Topics

What's new in MineMeld 0.9.32

Release Date: 2017-02-06

Changes to the default behavior

• To avoid data corruption, MineMeld engine now periodically checks availble disk space. If the available disk space falls below the limit of 10MB per configured node, the engine shuts down and

Sync Between Active Directory and User-ID

Hi there,

I have security policy allowed for particular group A. when i add/remove member in group A it doesnt sync with the security policy.

Is there a way to sync between active directory and User-ID/ Security policy?

Thanks in advance.

Pratik

Panorama: Bulk Edit Security Policy to update Security Profile Group

Hi,

I have about 900 rules spread across 2 different groups within Panorama. I would like to apply a shared Security Profile Group to all these rules where there action is Allow. 

I have done some searching around but have not found any answers, howe

Software packet buffer depletion

I am working with a client who is experiencing very high CPU utilization on the data plane and his packet buffers do not release.  He is running 8.1.7 in a lab setting with no traffic being generated to the firewall.  He has VM is setup with 6.5GB ra

SSL decryption in forwarding proxy and a Web proxy after paloalto firewall

Hi all,

i have a PA firewall used for internet navigation and a transparent proxy for Web navigation.

I have enabled ssl decryption for a specific URL category that i have set in url profile in block-continue.

If i set my PDL browser with the proxy i di

Does PAN-DB categorization apply to subdomains?

If I register a domain in PAN-DB for categorization (https://urlfiltering.paloaltonetworks.com/), do all subdomains automatically fall under the parent category?  For example, if I register "mywebsite.net" for categorization, will the assigned catego

Moving Traps endpoints to another tenant (tenant-to-tenant migration)

Is there an automated way to push clients from one TRAPS Cloud instance to connect to another TRAPS Cloud instance? If so, how do we do it?

Next Gen Firewall Public Wifi Browser Warning Issue

We have a policy for public wifi subnet set to

• ACTION to NO DECRYPT,
• Set TYPE=ssl-forward-proxy, 
• DECRYPTION PROFILE = NONE

 When any public device (i.e laptop) try to open a HTTPS website that prohibited by our organization URL policy.

For example HTTPS’

Is it normal for the captive portal zone be displayed on BGP sessions? Not using CP?

The session browser logs display BGP port 179 sessions trying to connect to the same destination peer address, in 2 different zones, the correct zone and the captive portal zone, is this normal? We are not using Captive Portal, but I do see it enable

Import/export device state

Upgrading a firewall from a single fw to an HA pair. My plan is to do a device export of the current active firewall then import that device state to the two new firewalls then setup HA. Some of the config pieces are from PANORAMA. Any issues with im

QoS bypass traffic and guaranteed egress bandwidth

Hi all.  I am new to QoS and I am unsure where this number is coming from in the Qos statistics for bypass-traffic for guaranteed egress.  Thanks.  Brent

NAT configuration for interface Tunnel

Hi All,

I'm in the middle of migrating a series of PAs from one customer to another. The newer system is on version 8.1.10, the other is on 8.0.14.

I have configured the VPNs each with a seperate tunnel, pretty standard stuff. I am creating some spec