UPDATE 11/8/23 11:43 a.m. EST:
LIVEcommunity’s System Update will be delayed. This means your use of LIVEcommunity will not be impacted this week (11/8-9), and you can proceed with business as usual.
Thank you again for your patience and stay tuned
...
We are excited to announce a new Engineering Blogs section on LIVEcommunity, exclusively curated by Palo Alto Networks engineers!
This dedicated area will be home to technical posts about Palo Alto Networks innovations to build scalable and reliabl
...
Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hi,
We are trying to add a devices in Panorama. We have checked the conectivity FW-> in port 3978. We can see the packet running tcpdump in Panorama about packets comming from FW.
so connectivity is OK. Everything looks ok. And we have another FWs in
...
In some of our firewalls I note a secondary IP address is assigned to a single HA group ID.
What is the value of having this second IP? The problem it's introducing is that SNMP Traps
are getting gerated once or twice a day noting that the secondary I
Hi.
I have a question about a scenario. Can Pan-OS/Firewall detected a infected host/client pc and take the following action.
Blocking internett access from the infected hosts/client pc and move the infected host to a another security zone?
OR
Just move
...
I'm running into an issue with external dynamic list threat feeds while using panos 8, the problem being is it seems they introduced a great feature to validate and authentication SSL sources by validating the signing CA for the threat feeds that can
...
Hello
I start the Panorama configuration and I created Device Group. My device group are based on our site location :
FR
- Paris
- Toulouse
I would like to know the best way for the configuration. If I create objects in Paris DG (object to define P
...
Hi all,
I upgraded from an 8.0 release to 8.1.3 to prepare for a migration to some new hardware. I did a commit after the upgrade to make sure everything was synced up between Panorama and the firewalls and I believe everything went ok.
I was making
...
Need to know when we need to exempt website from SSL decrypt what is the best practice
should we add the url in built in ssl exclusion list?
or should we create SSL decryption policy ?
Hello,
From more than 1.5k users, there are two users with the following problems:
They can connect to globalprotect portal, they receive ipadd / sm / def gateway / dns servers . There is no overlap between ip information received from firewall and l
...
Hi everyone,
Need to know the cores from 0 to 15 as shown below does it mean that 5220 has 16 dedicated CPU including number zero?
And all these cores are used by the DP only?
show running resource-monitor
Resource monitoring sampling data (per secon
...
Need to know can we see or scan user Data if we do PCAP on the SSL decrypted traffic?
Hi,
We have 2 PA VM100 devices. For some reasons we are not able to configure more network interfaces at the moment.
Can I create an active-passive HA cluster just using the Management interfaces in the way that the second device receives all configur
...
On port based firewalls we can use telnet from command prompt like
telnet 2.3.4.5 22
to check if port 22 is open or not.
what is best way to check from PA?
we have some users who use this old method
Hello Community!
I aim to configure a VPN between a Palo Alto firewall and Amazon VPC with a NAT device in between.
| PAN | <----> | NAT_device | <----> | Amazon VPC |
As far as I know this config would require NAT-traversal support in both ends.
Ama
...
Hello,
I wrote a local Taxii Client class that uses Cabby.
I can see the prototype in web UI prototype list.
I cloned it tried to commit.
But it says 'Unknown node class'.
I added my class in /opt/minemeld/engine/core/nodes.js then restarted minemeld.
Sti
...
Raido_Rattameis
aleksandar.asta
TomYoung
on:
PA OS upgrade issue and question
aleksandar.asta
