General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! PA HA failover and IPSEC connection shows inactive

Yesterday during PAN OS upgrade when Passive PA became active I saw that our IPSEC connections stopped working.

CLI shows status as inactive

I did clear vpn command

test phase 1 and phase 2 still samething.

Only way to make this work was via restartin

...

Mitigating CVE-2019-0624

HI @reaper , @gwesson

I'm seeing the subjected CVE is missing in palo alto vulnerability profile.

How can I mitigate this vulnerability.

https://nvd.nist.gov/vuln/detail/CVE-2019-0624

Regards

Venky

Dynamic update release date

Hi Community,

Hope somebody can address my below query.

I am able to see the Release date of App&threat version 8146-5421 as 2019-04-25 UTC in both threat vault and support portal( is it actually UTC time??, i am seeing 1-day gap here !),

But my firewa

...

Block XLSM, AHK extensions

Hi Team

How to block the XLSM, AHK extensions in firewall?

Please help us

Regards

Mohammed Asik

Resolved! Can you add a custom report to the PDF Summary PA-850?

I've been trying to figure out if you can add custom reports to the PDF summary report or how I can group a list of reports into one PDF report. My CIO likes the summary report but would like it to be monthly or quarterly and I'm trying to figure out

...

Resolved! in case of using mgmt port for HA1 how do i replace the mgmt port important functionalities?

i have a small new palo alto , i have read i should use mgmt port for HA1 with the second palo alto , but if i do so how can i make up for the mgmt port important functionalities like updates and dns if i use it for HA? im confused

Resolved! managment port importance?

this is my first time deploying palo alto , is it important to have the managment port connected? does it play important role in the device function or is it just solely for managment?

like can i manage the device from the inside interface only?

Resolved! Passive PA and IPSEC Connections

We have PA in active passive mode,

We have ipsec connections going to end devices.

When i check the passive PA GUI I see

All Phase 1 connections as red

All Phase 2 connections as green

IS this normal behaviour?

Resolved! allowing and denying ip address traffic on VWIRE?

i have a core switch and a router which connects to other router to reach the internet , i was wondering if i put the palo alto as a VWIRE between the core switch and the router would i be able to control which ip addresses can go to the internet and

...

Disk usage for / exceeds limit, 95 percent in use.

I know there have been several messages about this issue, but so far, the only solution Palo Alto has given, is to update to a new version. We have followed PA suggestions and months after the update, the issue starts again and their solution will be

...

Queries on IKE and GP Gateway

Hello,

We are planning to use Faster Link (400MB) as our primary link in our org.

Once we get this link running, we can get it setup with GlobalProtect and start setting up the remote sites to connect to that link as a secondary tunnel until we are re

...

Can a PA firewall replace a Squid/DansGuardian setup?

Currently, in our schools, we use Squid+DansGuardian for basic web content filtering (URLs, phrases, domains, client users, and client IPs). We use Squid for handling the HTTP requests, not for any local disk/mem caching.

It appears that most of thi

...

Resolved! Clear Alarm LED?

Hey all, I have a PA-220 that has the Alarm LED lit. The cause was that someone tried to insert a power supply from a PA-200 into the PA-220. Thinking that what happened is that a brief short was created which triggered the alarm. All other LEDs a

...

Virtual router to virtual router communication

Hi,

We have a setup in which a switch is used for interconnecting several virtual systems to a perimeter router. The switch is going end of life and needs to be replaced. Is it possible to replace this switch with a "Virtual router" in Palo Alto?

Be

...

Resolved! VPN switching to SSL instead of using IPSEC

Hi,

I've configured my VPN tunnel to use IPSEC. However, immediately upon logging in the session switches to SSL. I'm wondering if anyone has experienced this.

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free