General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Overlaping subnets in IPsec VPN between palo alto firewalls hosted in AWS VPC,need help to configure

We have 2 VPC each having Palo alto VM-100 hosted in AWS ,both VPC are having overlapping subnet and we are try to setup ipsec site to site vpn ,kindly let me know the fesable configuration solution with configuration example if possible.Thanks .

Resolved! Connecting WildFire Private Cloud to firewall

When connecting WildFire Private Cloud to firewall (Device > Setup > Wildfire), It appears that we can only add one (1) appliance IP address. However with a cluster there's more than one appliance.

1) Should this be the management IP address of the Pr

...

Resolved! Disabling HA

Hi Community,

Does disabling HA using the master switch ( Device -> High availability -> general -> setup ->enable HA checkbox) will cause the interfaces to go down and up ?. I understand that the interface mac has to be changed from virtual to physi

...

Resolved! MineMeld engine failed to start.

I was attmepoting to configure Minemeld to pull AWS ip addresses, but nothing happened when I hit commit. I noticed the Supervisor had stopped, and came across this earlier article. I issued the commands:

sudo service minemeld stop sudo service minem...

Resolved! URL Filtering Reports in Panorama - clickable URLs

When I click on the icon to open a web page in a report, it takes me to a "whois" page. I would like it to rather take me to the website.

Is there a way to customize this behavior? I would appreciate any help, thanks!

Need to allow service for Ping application

Hi Team

We have configured the one Destination NAT policy. My requirement is Ping the NAT IP (Public IP) from the external network.

I have configured one security policy with application as 'ping' and service as 'any'.

For the above configuration, I

...

Resolved! Take PCAP from the mgmt interface using the UI

Hi All,

Is there a particular reason why this option is only available from the CLI?

Thanks,

Myky

Resolved! User-ID not mapping all users

I'm using the PA's integrated User-ID Agent to setup User-ID. The moment I began monitoring DC controllers it begain to pull User-ID mappings. This is before User-ID was configured on any zone. However, when I configured User-ID on a source zone, the

...

Resolved! unable to get system info

This is a new one for me. My system is showing "active" (in active/passive) but the GUI is frozen and I see the following on the dashboard:

PANOS 8.1.9

From the dashboard

MineMeld - need help importing and processing syslog data

I installed the MineMeld VM on my ESXi box yesterday and it came up just fine, I can login to it from the VM Console, the web console, and over SSH. I've edited the /etc/rsyslog.conf file and /etc/iptables/rules.v4 so that syslog data is coming in f

...

Migrating server from port based firewall to Pal Alto

My company is moving a few servers from an old data center with an ASA to a new data center with a Pal Alto. A lot of the rules for the old server on the old firewall are showing port numbers only. I would like to use application ID as much as poss

...

Issue on updating cert on Palo Alto FW pair

I got an issue to update a cert on PA pair.

The issue is very similar to what it describes under

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CldECAS

I import the new cert to both PA FW units and change config to use the new

...

PAN-OS 9.0 Static Route Commit Warning

Just a note here that I am getting a cosmetic warning during commit of a newly-upgraded PA-220 (my lab box) to PAN-OS 9.0.

Prior to the upgrade, I had a static route in my virtual router, to redirect all traffic going to 192.168.1.0/24 to my tunnel

...

can't able to get response for show running security-policy command from the device via SSH

we are using Paloalto PA-5220 PAN-OS 8.0.7 virtual firewall. using a third tool we trying to fetch the policies using the command "show running security-policy". when the command is entered it stays still and the policies are not shown. It happens s

...

NAT

HI,

when do we use the destination nat ,source nat and identity nat

I mean what is the use cases for the above

Thanks

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free