General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Error in minemeld on U16.04 from fresh ansible install

Hi,

 

I have a new vm on U16.04 and have installed the latest minemeld using the minemeld-ansible.

 

Once all setup and running it was fine but about 20 mins later where I did nothing as I left my desk I came back to 

 

"ERROR RETRIEVING MINEMELD MET

...

DROP_UPDATE on Minemeld

Hello Community,

 

the logs on my Minemeld shows the below error for all that IPs that catch, could you please advice how to get ride of this problem?

Thanks in advance

 

DROP_UPDATE.png

Prompt for Password to access System Keychain

So the solution to this is in the below KB

 

https://live.paloaltonetworks.com/t5/Management-Articles/GlobalProtect-Requests-System-Keychain-Access-on-Mac-OS-X/ta-p/53332

 

In the comments, it is reqested for there to be a automated way to solve this pro

...

JCaserta by L0 Member
  • 895 Views
  • 0 replies
  • 0 Likes

HA First time Configuration

Im installing a single Palo at present with the intent of adding a standby unit in the near future. My question is regarding the interface addresses on the standby unit.

 

What do i need to configure on the standby unit in regards to IP addressing apar

...

welly_59 by L3 Networker
  • 1398 Views
  • 3 replies
  • 0 Likes

Resolved! How to generate GlobalProtect VPN Reports

Is there any way to provide reporting for GlobalProtect remote access VPN. Like for example I want a report of users who have connected in the past week, etc. How do i generate those reports?

VPN to Azure dropouts

I have searched high and low for this and found a few articles regarding IKE configuration and nothing seems to fix it.

 

PAN 3020 v7.0.5. IKE 2 VPN to Azure. The VPN works but around every 50 mintues the tunnel drops out for a few minutes then re-esta

...

dmann2 by L2 Linker
  • 14551 Views
  • 35 replies
  • 0 Likes

different content of backup files.

Hey!

I'm using curl and the xml api to automtically backup the config of my PA-3020:

https://live.paloaltonetworks.com/t5/Management-Articles/How-To-Backup-of-Config-Files-Periodically-without-Panorama/ta-p/77312

 

However, the content of that file looks

...

MPI-AE by L4 Transporter
  • 2752 Views
  • 6 replies
  • 0 Likes

GPCS and Minemeld

I wish there was a prototype in Minemeld to be able to track all GPCS endpoints via the API.

 

Currently you can only do it using this rather messy way :-

 

https://www.paloaltonetworks.com/documentation/10/cloud-services/globalprotect-cloud-service-

...

Resolved! Confidence level in logs

Hi, 

 

In minemeld logs from the nodes, taking AF-Ransomware node as an example,  I have 2 questions regarding the confidence, thanks!

 

1. does the confidence level come from the source feed?

2. can customers change this confidence level?

 

 

chtoh82 by L2 Linker
  • 3970 Views
  • 2 replies
  • 0 Likes

Resolved! Questioning about agentless user-id.

Hello!

I have questions about user-id functions.

1. How much user-id be supported by agent-less user-id? I guess that 64K user-id and 640 user-group would be supported on all of PAN model. right?

2. When using user-id collector, How much user-id and use

...

GP Always on VPN - Except if on internal LAN?

Is there a way to implement this? I have seen the internal host detection option but as far as I can see that is only to choose whether you connect to an internal or external gateway.

I want all remote site users to go through the Palo Alto, but I can...

welly_59 by L3 Networker
  • 1863 Views
  • 2 replies
  • 0 Likes