General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

update to userid 8.1

Hello,

When launching the userid installer 8.1 on a server running userid release 8.0, it displays a warning message during the update process :

This message was never displayed during update process of older release. What does it mean and is there

...

Blocking SNMP SET

Hi,

I have no control on the SNMP Server so unable to enforce policy.

As per security requirements I want to block / deny SNMP SET packets passing through Palo Alto firewalls as well as targeted to the Palo Alto firewall management plane. However I

...

Resolved! nat and security policies ip object need a subnet mask or not?

in my firewall i use certain ip addresses for outside to inside natting and for security policies , but im wondering , under objects do i need to specify the subnet mask "/24 , etc" for each object host or not? i specified the mask for the inside and

...

File uploading blocking using application ID

Hi All,

We want to block file uploading into some cloud based websites like (google drive, github and other cloud network storage).

Is there anything we need to get license for it?

Unable to download minemeld fast install .ova

I am unable to get the .ova from the following link https://minemeld.s3.amazonaws.com/minemeld-vm-0.9.11-3build2.ova.

Is this a restricted download? What kind of access is required for this?

Require historical report on Firewall Throughput, session , CPU and memory utilization.

Need to know about reporting feature on Panorama which provides historical ( last 30 days) utilization of Panorama manages firewalls.
I know that there is an option in Panorama under Health Managed device Tab. but it could not provide statistics prope

...

DHS AIS Miner SSL issue after Feb 13th

Hello,

DHS upgraded their server on Feb 13th and since then some people were seeing SSL errors. They told me, they have couple of organizations using Minemeld they are currently failing when they pull.

The error i see in my system below.

(8429)

...

VPN tunnel up alert mail

Hi Team

If VPN tunnel goes down we have receive a mail alert by severity critical. If the VPN tunnel comes up how can I get mail alert ? Please advise..

Regards

Mohammed Asik

New MineMeld install on CentOS 7 ... joined to AD domain. WEBUI login failing - bad creds

We have been running Minemeld on Ubuntu 18.04LTS, but since that OS is EOL I am working on a replacement server running CentOS 7. The server was built for me by the server team and was joined to the domain. I use my AD credentials to ssh to the serv

...

Resolved! Device document error

Hello all, I have a PA-220 I am trying to import into Panorama, but am getting an error. I have added the Panorama IP on the PA-220 and the PA-220's serial into Panorama's Managed Devices, and it's showing connected. However, when I go to Import de

...

Resolved! Global protect users issue

Hi Experts,

I configured global protect SSL VPN all worked as expected but i am facing an issue, GP users are not showing up on my monitor tab, i know that its a routing issue i did the below routing and created security policy to allow all GP traff

...

Resolved! Userid agent server monitoring method

Hello,

I wonder what is the port / protocol used by windows UserID agents to monitor Exchange and AD servers ? Indeed I have another FW between my PaloAlto device and the Active Directory and Exchange servers I want to monitor.

Is this SMB traffic on

...

SSH Decryption

Hi. If my FW is doing SSH decryption and sending all decrypted traffic out of a mirror port where my Kali machine is, what tools would be able to "read" the username/password from the decrypted SSH traffic?

I was looking for something similar to what

...

Resolved! Suddenly receive GlobalProtect Portal not found error only with specific Internet Service provider.

Suddenly I am receiving the error that GlobalProtect Portal not found or Invalid portal. Please contact your IT administrator.

Earlier I had GP client version 4.1.2-11 installed So as a part of troubleshooting step I have upgraded to 4.1.8-2 but still

...

Resolved! Disable HTTPS

I am running pfBlockerNG.

It cannot connect to Minemeld because of the self-signed certificate.

This is for my home, so I don't have a signed certificate to use.

Is it possible to simply disable SSL on the web server so I can get past the cert error?

Th

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

update to userid 8.1

Blocking SNMP SET

Resolved! nat and security policies ip object need a subnet mask or not?

File uploading blocking using application ID

Unable to download minemeld fast install .ova

Require historical report on Firewall Throughput, session , CPU and memory utilization.

DHS AIS Miner SSL issue after Feb 13th

VPN tunnel up alert mail