General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

IP ADDRESS DISAPPEARING FROM ON EVEng CLIENT FROM FIREWALL

i have installed the EVE-NG client. after set up the ip address on the firewall, unable to see the ip address.

if you are experienced, please checked.

Resolved! DoS threshold per zone

Hi All,

What additional tool can l use to get CPS/SPS intonation hitting specific zone?

I found this KB with three wonderful MIBs:

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/zone-protection-and-dos-protection/zone-defense/take-baseline-c

...

Resolved! PA license to download images

Hello

What type of license do I need to download images ?

Firewall has access to updates.paloaltonetworks.com but when I click "Check now" nothing happen.

Trial license will be ok ?

Thank you

Konrad

PA 5050 & 5060 replacement with PA 5250

Firewall upgrade/replacement

Dear All,

Can anyone please advise on any specific points to be taken care for a hardware replacements for a pair of firewall 5060 fully managed by Panorama & to be replaced with 5250.

To me a high level plan looks like.

1.

...

Panorama: Device group can't view addresses nor zones in sec policies

I recently added a template and device group and associated them with two new PAN 3020s. The template and the device group were clones from similar environments. When I try to edit a security policy or add a new policy and go to the source or destina

...

Resolved! HA HSCI 3220

I have a pair of 3220s I'm configuring in HA active/passive. We connected the HSCI ports and got a green light on the ports and showing green/up on the HA dashboard widget. They are direct-connected and configured as Ethernet. Do I need to set an IP

...

Traffic pattern of threat ID 38643

Wavelink Emulation License Server HTTP Header Processing Heap Buffer Overflow Vulnerability' generated by PAN NGFW detected on host 10.10.10.1. " Vulnerability Exploit Detection (hostname:8081/)"

We have customer asking what is the traffic pattern tha

...

LDAP Authentication Profile allow list 'all'

When configuring an LDAP Authentication Profile what does the 'all' refer to in the allow list?

Resolved! PanOS CLI show tags?

I can tag a rule via CLI, but how can I ask Panorama to show me rules tagged with tag-name?

set device-group DG-Name security rules "Existing-rule-name" tag tag-name

Redistributing default route into EBGP and IBGP not working

I am trying to redistribute default route into EBGP peer it is not working.

1. Created Redistribute profile to redistribute default route

2. called redistribute profile under bgp redis rules

3. Checked allowed default routes to redistribute

3. created e

...

Whitelisting messenger-app

Hi guys,

Goal: Whitelisting messenger app in mobiles but deny facebook

Do you have any problems in whitelisting messenger app in a mobile? It seems creating a policy and allowing facebook-chat is not working.

But if i included facebook-base it will wor

...

Useless PBF warning

Hi All,

That's not an issue.. I just want to share with you this thought

Starting from the fact that the egress interface is NOT a matching criteria.. But I have to configure around 80 VPN tunnel (with their own backup tunnel using pbf option "disabl

...

Block traceroute

Hi all,

is there a way to block IP source if I match traceroute App-ID? Maybe with a custom vulnerability?

Resolved! IPSec VPN only config on VPN Gateway?

Hi Community

Is it possible to configure the VPN Gateway for IPSec VPN only, i.e no fallback to SSL-VPN?

Thanks

Dominik

FreeIPA LDAP group mapping

UPDATED:

The LDAP package FreeIPA uses , 389-ds-base, had some security vulunerabilities and has been updated. This update has caused the PA to fail checking users within groups. Here's is the latest configuration that works with 389-ds-base (1.3.8.4-

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!