Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi Folks,
Need urgent help on an issue where " PAN Box Integrated with AD as an LDAP entity for USER-IP Mapping. So when User switches from LAN --> WiFi or WiFi --> LAN different IP Subnet, user-ip mapping don't change instantaneously" because of th
...
Hi,
Can we enable IPS features on a particular sub-interface/zone in Palo alto so that it gets applied to all traffic that enters through that particular sub-interface?
From the little reading which i did, i am seeing it as configuring it in secur
...
Have been looking around trying to find this and can't find it.
I have a filter for system logs to filter all the successfull Global Protect logins for the last calendar week.
I have been manually exporting this to a csv but wanted to schedule the pr
...
I started with aperture and document mentioned "Aperture compares your user defined aperture policies to the data content and context to calculatre any policy violations"
I understood
Conext = data exposure
Content = Data patterns inside the acutal fil
...
Hi Team,
Can we ping management IP of the passive device from the any one of the dataplane interface on the passive device.
Interfaces on the passive devices are up (showing green) --> passive link state is auto.
We have tried pinging the internet in
...
Hello,
I made an VPN Tunnel between paloalto and fortigate(3 tunnels).
Every config is same between them. 2 of them work well but 1 tunnel has an issue.
About 3 mins before phase 2 negotiation(by lifetime or other reason), traffics can't go through t
...
Hello
I made ipsec tunnel between paloalto and fortigate.
I keep have issue about rekeying, so I try to set different lifetime phase 1 and 2.
phase 1 : 28800 -> 86400
phase 2 : 28800 -> 28800
In paloalto I can't set 86400 sec, so I plan to set it 24 hou
...
For sites (to be whitelisted) that are behind ever-changing IP ranges (e.g. Amazon load balancer), has anybody used a services like these?
https://dns.google.com/resolve?name=www.netflix.com
https://dns-api.org/A/www.netflix.com
Is there an e
...
Is the MM_CONFIG_DIR pre-set? I used my admittedly limited Ubuntu knowledge to check inside the engine process and it doesn't appear to be there. I see the variable used in many/all miners for storage of password and client certificates.
os.e
...
Hi all,
I have the way to get feeds from ISAC with a TAXII prototype and I want to share with you all. Proabably it can help someone.
Firstly it's necessary to import the minemeld-taxii-ng extension on system>extensions and install extension from git
...
I have been working on syncing a manual localDB miner list via this Python script (https://gist.github.com/jtschichold/95f3906566b18b50cf2e3e1a44f1e785) When I use it, I get 'Unauthorized' when trying to access /status/minemeld. If I manually authe
...
i got this email alert from Firewall .
what can be the reason for this and which process i can check in Management plane?
I worked on my first extension today (based on the structure and files of youtube-miner).
As soon as I imported it into MineMeld I got the ERROR RETRIEVING EXTENSIONS LIST: INTERNAL SERVER ERROR red box of shame.
What log should I be looking i
...
Hi all,
I'm using a PA-3020 device configured with multiple Vsys and when creating a Vsys I have the ability to assign a specific VR.
From my understanding, the connection between a Vsys to a VR is based on the Vsys connected interfaces to the VR much
...
Hello All,
I have WLC and anchor-WLC with PA firewall in between, I have rule allowing EoIP and wlc-mobility APPs with application-default service selected, I don't see on monitor tab any single packet logged, even though I know for sure it is there,
...
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
reaper
on:
password reset for user through support.paloaltonetworks.com
OtakarKlier
on:
Disable USB Port on Firewall
