General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Global Protect with Multiple Portals - Transparent Configuration

Have a client who is rolling out a global GP deployment and looking for redundancy. We have setup portals and gateways on all of their firewalls and everything is working great from being able to connet to the right gateway to being able to choose different gateways. We have now started discussing HA for the portal FQDN itself as this seems to ...

Error process CSV files published as Microsoft Articles

Hi, I'm using pluging "ms-article-miner" from Xavier Homs to miner ip Microsoft space. https://github.com/xhoms/minemeld-msarticle https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Miner-to-collect-Microsoft-Public-IP-space/td-p/186591 Firstly it was working but now it does not show anything. It shows in miner and processor but not...

Threat email alert throttling

We're setup to email threat alerts, and are getting an email for every alert generated.Is there a way to throuttle the emails? Particularly for a single threat that is blocked, we don't need 60 emails/min for all the blocks. It would suffice for the first 10 per 10 min interval. When you get the first 10 emails, you know someone is hammering you...

CHKlomp by L2 Linker
  • 3438 Views
  • 2 replies
  • 0 Likes

How to filter O365 API feed?

I would like to filter for indicators with the category "allow" or "optimize" only. How would you define the filter for that? I cannot find that much information regarding filtering using a processor. I hope my steps are correct? create a new prototype of the IPv4Generic processor create infilters for that infilters: - actions: - accept ...

Resolved! Office 365 MineMeld Miner Will Need Updating

Microsoft has announced a change to their Office 365 address and url documentation that I believe will need to be taken into account on the O365 miner in MM. https://myitforum.com/microsoft-phasing-out-office-365-urls-and-ip-address-ranges-resource-on-october-2-2018/ Basically, they are phasing out the old documentation page, which I believe...

Panorama Task Manager Is loading || unable to see any completed jobs history

Hi Team, We having Panorama which manages more then 30 devices, The problem I facing is when I check the Task manager on the left bottom it's loading continously and unable see any completed or ongoing processes of all devices even if I wait more then 30 minutes.But I can see those last jobs on managed devices coloum. I could not found any artic...

image.png

Resolved! Polling JSON Format for Okta

I am trying to create a prototype for a Miner that pulls IP's from a JSON formatted file. I have looked at the documentation for setting up a JSON miner (https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-MineMeld-to-extract-indicators-from-a-generic-API/ta-p/218757) and I am having little luck as the error messages in the logs are say...

doliver1 by L0 Member
  • 15195 Views
  • 7 replies
  • 0 Likes

Nonsense configuration changes from "preview changes"

Hello everybody, from time to time, whenever I commit small changes to my PAN firewalls, if I click on the "Preview changes" button I see (beside my changes) a list of items and configuration partials that are moved around, ie custom report configurations deleted from the top of the config and then added again in a lower portion of the config ...

grenzi by L3 Networker
  • 4391 Views
  • 2 replies
  • 0 Likes

Global Protect user id and machines

Hi , Is there anywhere that I can restrict that client vpn user "BOB "using the global protect that can connect only once and not many times the same time from different systems like I have users connecting from the mobiles , tablet and computer the same time ? I would like to have that user can connect 2 times the same time from different devices.

App-id Matching Process

I'm running PA-VM and created with one active rule: From: InsideTo: OutsideApplication: Web Basic Application group (ssl,dns,web-browsing,ping)Service: application-defaultAction: AllowSSL Decryption is disabled I'm facing issues browsing to websites with preconfigured App-ids:Not working:linkedin/soundcloud/batte.net/docs.google.com(any other ...

PA-Rules.png
linkedin-server-certificate.png
zizo94 by L0 Member
  • 5678 Views
  • 2 replies
  • 0 Likes

SLL Forward Decryption and Spotify

Hi All, Today I decided to implement SLL Forward decryption. Everything is working great except for one thing, Spotify. I know what you'll say, "You allow spotify?. Yes, but just for me. With decryption disabled spotify works fine, with it enabled it just skips through all the song in my playlist. Any idea what could be causing this?

Adding sub interface to existing interface

We are currently using our 3260 firewall to handle BGP to our MPLS router.the connection is trunked through our core switch, Native 200, allowed 200 & 255 (mgt & bgp respectively)Router 1:G0/1 10.200.254.3 (mgt)G0/1.255 10.255.255.129/30Firewall:E4 10.255.255.130/30 Untagged We are adding a second MPLS router for redundancy, Router 2: G...

Resolved! Disable Server Response Inspection for our SMTP server?

We are having horrible delays with email taking up to 30 minutes to be delivered. Our email servers send mail to a 3rd party email security provider. So, I disabled DSRI from our SMTP server to their SMTP server. Email speed was back to being delivered in seconds. I wanted to have someone else confirm that my thinking is correct on this that it ...

abrrymn by L0 Member
  • 8715 Views
  • 4 replies
  • 0 Likes

How to update the BGP Imports in a Panorama template

I am trying to update the Import values in the BGP parameters in the Virtual Router in a template on a Panorama. My command looks like this: set template Test-Template config network virtual-router default protocol bgp policy import rules Route-IN-MPLS match address-prefix 0.0.0.0/0 exact yes I get a message like this:Server error : Test-Templat...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels