General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Small lab for google drive

From trust to untrust zone ,we have allow the download from google drive but have to block the upload from google drive and also i want to use internet for other web service help me security rule and if there any other url filtering

Resolved! API to trigger MineMeld Miner refresh

Is anyone aware of a way to remotely trigger a Minemeld Miner refresh. Does MineMeld have it's own API? I'm familiar with using PA API and Dynamic Address Groups for instant addititions of IPs. This is for a usecase where EDLs are used and we'd like to trigger MineMeld and then PA refreshes. I can refresh the PA EDL via API; however, I'm not...

PA-User by L1 Bithead
  • 9573 Views
  • 5 replies
  • 0 Likes

[need help]can't see new incoming logs after upgrading M-100 into 8.1.12

Originally my devices are:-one M-100 with 7.1.10-two PA-5020 (HA) with 7.1.10-one PA-3050 with 7.1.9all of three Palo Alto devices were registered to M-100 and forwarding logs were working fine. I start upgrading M-100 first. From 7.1.10 to 8.0.20.-upgrade is fine-three devices are connecting after upgrade-I know old format logs were not seen (a...

emr_1 by L6 Presenter
  • 7937 Views
  • 2 replies
  • 0 Likes

Policy Optimizer "No App Specified" PDF/CSV Export

Hi,I am using PANOS 9.0.4 and working on legacy rules to AppID rule migration. When using the Policy Optimizer, trying to export the "No App Specified" data, the export is missing the "App Usage Apps Allowed" data, and the "App Usage Apps Seen" data.Anybody experienced this before? Is there a fix, or maybe I am doing something wrong?

PO-Data Export.jpg

Miner to collect Microsoft Public IP space

Hi Luigi, I need to create a miner on MineMeld containing all Microsoft Public IP addresses. Any plans to add a miner for it?The URL source is https://www.microsoft.com/en-us/download/details.aspx?id=53602 The file is in CSV format. I noticed you created something similar for Azure IP addresses, but the file format for Azure is XML, not CSV. ...

Resolved! dropbox - ssl decryption

Hey all,I am using dropbox on my PC and ssl decryption has been enabled on my Palo Alto. I added my PA root cert to my trusted certificates on my computer and am not getting any complains from my browser when surfing to https websites.However, my dropbox application is complaining that it can not make a secure connection to the internet.And yes,...

ACC Filters

I have been going through the PAN OS 9.0 curriculum and I am confused about ACC Global Filters. Three way to apply a GF:Set Global filter from the table from any widget and apply the attribute as GF.Promote LF as GF, when this is done it will update on all the TAB in ACCDefine a GF: Define a filter using the GF pane on the ACC. To me items 1 ...

Amin2 by L2 Linker
  • 2750 Views
  • 1 replies
  • 0 Likes

Export Threat Vault information

Is there a way to either export a complete list out of the Threat Vault or is there a list maintained somewhere of all the current threats? Looking for something that list the Threat ID, Name, and Severity. I need this to import into our SIEM so that when it receives the logs from the Palo Alto it is able to translate them correctly. Thanks in...

karlh by Not applicable
  • 7876 Views
  • 5 replies
  • 1 Likes

Resolved! System startup error on PA-3220

I have received this error on my PA-3220. can anyone explain this? " Welcome to the Maintenance Recovery Tool ATTENTION: A critical error has been detected preventing proper boot-up of the device. Please contact Palo Alto Networks to resolve thisissue. 866-898-9087 or [email protected] Reason: System startup error.See 'En...

Resolved! Routing driving me crazy

Hi folks, here's a weird issue!We have one public IP lets say 1.2.3.4.Our PA VM 300, can ping to any public IP address other than 1.2.3.4.For all other public IP addresses, it sends traffic via default route out of external interface. But for 1.2.3.4, it sends the traffic to our management gateway. Following to be noted:1. 1.2.3.4 is our other P...

CVE and Threat Signature

In looking at the threats in the Vulnerability Protection profile only a relatively small number have CVEs associated with them. Is there a way to get a list of those that do without just scrolling through the pages of threats in the GUI? Also, is there somewhere that the whole list of vulnerabilities is posted from PA? I suspect not as this is ...

Throughput calculation

Hello , Can someone know how to calculate manually the FW Throughput ?it's for a PA 5060 with multiple Vsys and 1 etherchannel to the external network and another one for internal servers. Command 'show system statistics session' display a low value in comparison of snmp BW value graphshow system statistics sessions > Throughput :133965 Kbps...

Resolved! File Blocking Continue Page in a TLS connection

Hello everyone, I have a PA-VM in version 9.0 .1 , I have setup a File-blocking profile and attached it to my allow-all security policy. The File-Blocking profile has the action of "Continue" for ".exe" file type. In the other hand, I configured a decryption policy. My problem is that when I try to download an .exe file via HTTP I get the "Conti...

enabling x-auth support on an existing globalprotect gateway

i have 2 gateways configured on my firewall. One for corporate users which has certificate authentication, and another gateway which uses domain credentials for accessing on non-domain machines. If i enable x-auth support on one of these gateways, will that have any negative effects on windows users? basically i wish to use the native vpn client...

welly_59 by L0 Member
  • 3627 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels