General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 311 Views
  • 0 replies
  • 2 Likes

IPv6 over backup interface

I have IPv6 over my backup ISP (dual PA 3020s).
 
I am trying to route all IPv6 traffic over that interface but not having much luck passing any IPv6 through the PA. If I ping6 internal and external hosts from the PA itself it works. If I try to ping/
...

drewdown by L4 Transporter
  • 2774 Views
  • 2 replies
  • 0 Likes

Resolved! IPSEC tunnel is up but can not ping through

 

I have IPSEc ikev1 tunnel with vendor.

Phase 1 and 2 are up and green.

 

From PA   from my Lan interface when I ping remote lan subnet ping does not work.

I see no return traffic from vendor to PA.

 

IS this normal behaviour to have Phase 1 and 2 up but r

...

MP18 by Cyber Elite
  • 11410 Views
  • 2 replies
  • 0 Likes

Issue with PBF rule

Hello,

 

We added a new VDSL Link on port 1/4 and created the PBF rule so that if the primary goes down, it will switch over to the backup. PBF rule is working fine and internet failover works okay.

 

However, customer accesses an internal Server across

...

Resolved! Palo Alto Updates Issue on Multi VSYS system

Hi All,

 

Hoping an answer can be provided to this multi vsys Palo Alto I am deploying.

 

I enabled the operational status of one of the virtual firewalls I am providing making it fully internet facing with Globalprotect operating on the outside interfac

...

a.jones by L3 Networker
  • 3974 Views
  • 4 replies
  • 0 Likes

Resolved! Error reading last checkpoint

Hi guys

 

I started experiencing this problem in MM 0.9.52, my MM engine was restarting continuously. I tought it was some bug related with this version so, with a little bit of stress, I updated to 0.9.60 (I'm using CentOs), but I still get the same b

...

Screenshot_2019-04-23 Problems with CentOs 7 and MM 0 9 52.png

Resolved! Best practice for OSPF

So i have a Pa850, it has lots of vlans off it.

 

1 vlan connect to the other OSPF routers. I have OSPF on there. But what about the other interface - is it better to add them as passive OSPF or redistribute connected ?

 

 

palo alto website outages

Hi all,

 

Look, I don't want to tell the good people at Palo Alto how to do their jobs, but it would be great if they could push https://knowledgebase.paloaltonetworks.com/ back online. I've been on hold for over an hour for basic information available

...

EDL Notifications

Is it possible to create notifications when an EDL is refreshed? My security team would like to know so when they recieve the actual IP lists and URL lists that the PAN is getting updated at the same time. Thank you. 

Tecumseh by L0 Member
  • 2087 Views
  • 1 replies
  • 0 Likes

Resolved! Threat Vault and Virus/Win32.WGeneric.aalbaq

Hi all,

 

Curious if anyone can point me toward amplifying info regarding Threat Vault signatures? From what I can tell, these generic signatures usually tend to generate false positives. It's hard to investigate why the alert is getting triggered when

...

Policy to access apple-istore

Hi All,

 

I created a new policy to access apple-appstore for couple for users for testing purpose.

 

Zone - trust to untrut zone

address - any

user - user group name

application - apple-appstore

service - application- default 

action - allow 

 

Looks like the

...

Resolved! Problems with CentOs 7 and MM 0.9.52

 

Hi guys,

 

I used to run standalone MM 0.9.50 with CentOS 7, perfectly. Last week I updated MM to 0.9.52 with the help of @lmori and the proccess was completed with success. See ( https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Updating-Mine

...

Captura_Minemeld_0_9_52_Dashboard.PNG
Captura_Minemeld_0_9_52_Nodes.PNG
Captura_Minemeld_0_9_52_Nodes2.PNG
Captura_Minemeld_0_9_52_Nodes3.PNG

Advanced objet search in the policies panel

Hello,

 

One of our customers moved from Checkpoint to PA and he's complaining about advanced search in the security rulebase.

For example, he would like to search for and IP (source) with is used in an Address object or in an Address Group Object and w

...

licenselu by L4 Transporter
  • 3112 Views
  • 3 replies
  • 0 Likes
  • 23654 Posts
  • 107 Subscriptions
Top Liked Authors
Labels