General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Screenconnect App

Hi to all, this is Marco. I just update my 850 from PanOs 8.0.15 to 8.1.7.

Now i can find in the APP list screenconnect.

When i try to create a rule using screenconnect, the firewall tell me unknow-app.

Keeping in mind that the destination addresses of

...

User ID Agent: Connecting (The stub received bad data)

Hi Community,

I have a problem with a User ID Agent issue.

I'm sure it's not related to the Palo Alto software - more a microsoft thing, but maybe one of you guys experienced the same:

User-ID Agent-Server: Windows Server 2012R2

User ID Agent 8.1.8-3

W

...

Rules Not Applying Appropriately

Hello everyone!

Let me preface this discussion questionb by acknowleding that I've inherited a PAN configuration that I know has issues.

With that said, I'm noticing that some devices do not get the correct policies applied when others that are in t

...

global protect configuration

I was just wondering how other people have their globalprotect clients configured? Who used on-demand vs autologin. Who uses prelogin checks etc and what works the best

Resolved! How long does PA stays as Responder in IPSEC connection

We have IPSEC from PA to vendor.

On GUI I see PA is responder

Does this mean that PA will remain as Responder until tunnel goes down ?

If rekey happens for phase 1 and 2 will still PA remain as Responder?

Resolved! Which Global Protect Agent Configuration is applied?

We are using 8.1, Global Proect has one portal and two gateways (and internal and an external). The portal has 3 different agent configurations.

How does one tell which of the Agent Configurations was applied/assigned to the user when they authentica

...

Blocking SNMP SET

Hi,

I have no control on the SNMP Server so unable to enforce policy.

As per security requirements I want to block / deny SNMP SET packets passing through Palo Alto firewalls as well as targeted to the Palo Alto firewall management plane. However I

...

Resolved! nat and security policies ip object need a subnet mask or not?

in my firewall i use certain ip addresses for outside to inside natting and for security policies , but im wondering , under objects do i need to specify the subnet mask "/24 , etc" for each object host or not? i specified the mask for the inside and

...

File uploading blocking using application ID

Hi All,

We want to block file uploading into some cloud based websites like (google drive, github and other cloud network storage).

Is there anything we need to get license for it?

Require historical report on Firewall Throughput, session , CPU and memory utilization.

Need to know about reporting feature on Panorama which provides historical ( last 30 days) utilization of Panorama manages firewalls.
I know that there is an option in Panorama under Health Managed device Tab. but it could not provide statistics prope

...

DHS AIS Miner SSL issue after Feb 13th

Hello,

DHS upgraded their server on Feb 13th and since then some people were seeing SSL errors. They told me, they have couple of organizations using Minemeld they are currently failing when they pull.

The error i see in my system below.

(8429)

...

VPN tunnel up alert mail

Hi Team

If VPN tunnel goes down we have receive a mail alert by severity critical. If the VPN tunnel comes up how can I get mail alert ? Please advise..

Regards

Mohammed Asik

New MineMeld install on CentOS 7 ... joined to AD domain. WEBUI login failing - bad creds

We have been running Minemeld on Ubuntu 18.04LTS, but since that OS is EOL I am working on a replacement server running CentOS 7. The server was built for me by the server team and was joined to the domain. I use my AD credentials to ssh to the serv

...

Resolved! Device document error

Hello all, I have a PA-220 I am trying to import into Panorama, but am getting an error. I have added the Panorama IP on the PA-220 and the PA-220's serial into Panorama's Managed Devices, and it's showing connected. However, when I go to Import de

...

Resolved! Global protect users issue

Hi Experts,

I configured global protect SSL VPN all worked as expected but i am facing an issue, GP users are not showing up on my monitor tab, i know that its a routing issue i did the below routing and created security policy to allow all GP traff

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free