General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Panorama Error

Getting below error in Panoram's system logs :

Panorama has lost connection to its peer, no log will be forwarded

Though from Panorama all devices looks connected .Verifed the device status from panorma.

Anyone facing similar issue ?

TCP issues when moving an application through a Palo Alto FW

Hi,

Following scenario:

we have a 2-level Firewall Filtering / Security Setup active in our infrastructure, with a Cisco ASA currently acting as the Internet Firewall (updated to the latest Cisco ASA OS version) and an internal Firewall (Checkpoint a

...

NAT PPTP VPN

Hello, im trying to set up a NAT rule for a PPTP VPN tunnel.

I have set it up like this:

Source: untrust

Dest. zone: untrust

Source address: Any

Dest. address: lets say 20.20.20.20/32

Service: any

Source Translation: None

Dest-Translation:20.20.20.20/32

Secu

...

TLS 1.3 support

Hi everybody,

any news regarding change of decryption from passive to proxy mode to support TLS 1.3 decryption?

Thank you,

Jan

Palo Alto lab devices

Hi guys,

I was assigned to work on a project with involves working with Palo Alto appliances a lot. I have never touched such a firewall before, so I am planning to get two (or more) devices for my home lab and experimental use.

Do you think the PA-20

...

Problems with panorama and paloalto ACC No data display

Hello good afternoon

I have a problem with my panorama and a Palo Alto HA, in the panorama the complete traffic is not visualized and in the ACC no data display.

Already apply these commands

> request log-fwd-ctrl device <serial number> action stop
>

...

Question about Global protect Pre-Logon Issue

Hi,

I configured GP pre-logon method, But it’s only working in administrator mode even though the user is part of administrator group, it’ not working for normal users.

I followed below KB article,

https://knowledgebase.paloaltonetworks.com/KCSArticle

...

On boarding Large Numbers of Firewalls Using Panorama and Bootstrapping

I am working on a project which will involve deploying a large number of PA220 firewalls to branch offices. This will happen over a period of time with probably around 30-50 branches per phase of work. These branch firewalls will be managed using Pan

...

Resolved! Trade-in of PaloAlto Policy

My current model of PA will be end-of-support soon.

Thus, anyone could guide me what should we do to replace boxes for the supported model ?

Anyone know the policy of trade-in old boxes with supported boxes ?

Thanks in advance.

Vorleak

PA-3020 SSL Decryption Query

Hi, I have enabled SSL decryption (forward proxy) on our PA-3020 firewall. The certificate is generated from our CSR and is installed on our PA-3020. I have set up a separate forward trust and forward untrust certificate. The forward trust certificat

...

PA Configuration File Format Conversion

My organization creates PA firewall configurations in "set" format as they are easier to read and peer review. It is very cumbersome to then put this style of configuration into the firewall itself. Is there a program/utility that can convert this t

...

How to get Applications using XML API

I am trying to get a list of applications, or a single application using the XML API. I have tried the following:

api/?type=config&action=get&xpath=/config/shared/application

api/?type=config&action=get&xpath=/config/shared/application/entry[@name='ic

...

Resolved! Panorama -Commit

I am new to Panorama.Can someone tell me difference between following :

Commit -> Pust to Devices

Commit -> Commit and Push.

Is panorama pushes whole running config or just change (e.g add object or policy) ?

Resolved! Minemeld install error on Ubuntu 16.04.6 LTS (AMD 64 bit)

Unable to get past step 7 as I am getting the message "Unable to locate package minemeld". I have removed and readded the repo (step 5), and I saw a post about using AMD image instead of i386 image, none of which resolved the issue. Wondering what I

...

Global Protect 5.0.2 - working deployments/configurations, open issues and everything else

Hi community

Today Global Protect Version 5.0.2 was released. The way to this version was a long one. I had 10 open cases with different issues that I reported for Version 5.0.0 and 5.0.1. Most of them are fixed in 5.0.2 so this version - from what I

...