General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

USER-ID and problems with runas /netonly in combination with MMC modules

Hello,

as a safety measure i placed my workstation in a different vlan and from there i'm managing our network and servers which are located in the designated dedicated vlans.

On the firewall we have a rule which makes it possible for our 'admin' a

...

PAN DB URL filtering issue.

Dear all,

One of my customer PAN DB License expired and we try to block all Youtube videos excluding some the vidoes links in Youtube.

My query here is, whether if the device without a valid PAN DB Licence we will be able to acheive the above requir

...

Resolved! Policy details

Hi ,

Is there way to pull the details of all policies using same address/address group in Panorama via cli .

I can check from gui , but it will need lot of manul work .

Example: address group -" Test" is part of policy for 10 firewall managed by P

...

Difference between commit and commit force?

Somebody told me that #commit force pushes the entire configuration to the data plane.

Could you please let me know what you mean by entire configurations?

Thanks in advance!

Resolved! Office 365 Security Policy Question

In referencing the link below (FAQ - Office 365 Access Control), I'm concerned with a destination in the Security Policy for Office 365. What is everyone else doing for destination? The list of IP addresses for Office 365 Business products is long an

...

Resolved! API-Call for QOS results in 'interface has unexpected text'

Hi,

when I try to use an api call to query the qos statistics of an interface i get this errormessage:

<msg>

<line>

<![CDATA[ show -> qos -> interface has unexpected text. ]]>

</line>

<line>

<![CDATA[ show -> qos -> inte

...

Vulnerability in PA?

Hi,

We just received info about this vulneraability:

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

So we would like to know if PA appliances are impacted?

Thanks

Resolved! Changing IP Addresses

Throwing this out here to see if I maybe creating any issues.

I have a machine that is setup in my firewall with an address object. Let's say it's its Machine1 and it's IP is 10.0.0.50. This machine will be decommissioned soon and I have setup ano

...

Resolved! Skype for business screen sharing and file sending - incomplete

Hi

We are getting reports of our Skype for business screen sharing or file sending isnt working today. We have had all the rules setup for a long while with no reported issues but today its not working.

When i check the firewall logs for a particular

...

Panorama Local Log Collector.

Hey, I have a HA pair of firewalls in SiteA and a HA pair of firewalls in SiteB. SiteA and SiteB seperated by a 1Gb WAN. I have Panorama deployed in HA, one VM in SiteA and one VM in SiteB. I want the firewall in SiteA to send logs "only" to the Pano

...

sip invite method request flood attempt

I have recently been dealing with sip invite method request flood attempt show up not only in my threatsm but also making it impossible to make calls external or external to internal calls because its trying to call a number every 4 seconds and takin

...

Resolved! Virtual Wires and Tag allowed

Hi All ,

Is there any specific reason why we can't have same VLAN tag defined on the parent virtual wire interface and the subinterface ?

Thanks ..

Allow outbound web traffic by exception by session while utilizing authentication

Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however thi

...

Kerberos SSO PAN-OS 7.0.1

Hello,

at the moment I'm trying to set up a SSO Auth with the Admin Web Interface (and Captive Portal). I set it up like the documentation of PAN-OS 7.0 told me. I tried different Crypto types but all with the same error.

1. Log in to the KDC and open

...

Change password for TACACS user

Hi all,

Is it possible to allow Firewall administrators (authenticated via TACACS+ running on Cisco ACS) to change their expired TACACS passwords when they're logging in to Web UI of the Firewall ?

Cheers,

Marek

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free