General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Jump in Suspicious HTTP Evasion Found and Suspicious TLS Evasion notifications

Recently I have noticed a jump in detections of Suspicious HTTP Evasion Found and Suspicious TLS Evasion Found going to genuine website such as eBay, Amazon, Apple etc. The firewall is setup as a DNS proxy that forwards on to PiHole and then out to a

...

Resolved! Geography blocking to China, now need to make exception for a single IP address.

Under Policies we are using deny by region with the country objects listed. One being China. I have a request for some needed technicians to be able to receive traffic now from one specific IP address in China.

How does one add a single IP exception

...

Resolved! Expedition Export

We are trying to migrate a Checkpoint firewall. We have Expedition set up and have imported Panorama as our base config. We were able to add the Checkpoint as well and merge the configurations. However, upon export, the process hangs. We have tai

...

Resolved! User-ID Agent on MS Server 2019

Does anyone know if Server 2019 is officially supported, for running the User-ID agent yet?

Also, any reason i shouldn't run version 9.0 if my firewalls are 8.0.16?

Thanks

Issue with GP VPN

Hello,

We have setup GP VPN and it works, VPN client can talk to network.

However, if we take initial from internal work to VPN client, it is not working.

For example, when VPN enabled, I got an IP: 192.168.246.9, and it can reach server: 192.168.16.3

...

Why viruses/spywares passes PA device unblocked?

Hello

Until now I trusted that default configuration for most purposes is OK.

Today I discovered that few viruses passes in smtp traffic to my email server. I'm curious why?

when in web-broswing traffic the same type of aplication "virus" was denied.

My

...

Is that possible to configure internet via usb dongle n PA 220

Dear All,

Is there is any other chance to configure the internet via usb dongle in the Palo alto firewall.

Resolved! Is tech support file - Stored in DP or MP

Curious to know when we create tech support file on PA is it stored in DP or MP?

Default username and password not working on PANOROMA

GLobalProtect agent can't connect to th internet

IPv6 over backup interface

I have IPv6 over my backup ISP (dual PA 3020s).

I am trying to route all IPv6 traffic over that interface but not having much luck passing any IPv6 through the PA. If I ping6 internal and external hosts from the PA itself it works. If I try to ping/

...

Resolved! Init session - Is TCP 3 way handshake gets completed here?

Init session info

Does TCP 3 way handshake gets started and completed here?

Resolved! IPSEC tunnel is up but can not ping through

I have IPSEc ikev1 tunnel with vendor.

Phase 1 and 2 are up and green.

From PA from my Lan interface when I ping remote lan subnet ping does not work.

I see no return traffic from vendor to PA.

IS this normal behaviour to have Phase 1 and 2 up but r

...

Issue with PBF rule

Hello,

We added a new VDSL Link on port 1/4 and created the PBF rule so that if the primary goes down, it will switch over to the backup. PBF rule is working fine and internet failover works okay.

However, customer accesses an internal Server across

...

Require to monitor our VPN tunnels via the WhatsUp Gold monitoring tool

Dear All,

We require to monitor our VPN tunnels via the WhatsUp Gold monitoring tool, for which we would require the exact OID for our Palo Alto device. Kindly help in this regards. For this we can have a session with the Whatsup team.

Regards

Karthik

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! Jump in Suspicious HTTP Evasion Found and Suspicious TLS Evasion notifications

Resolved! Geography blocking to China, now need to make exception for a single IP address.

Resolved! Expedition Export

Resolved! User-ID Agent on MS Server 2019

Issue with GP VPN

Why viruses/spywares passes PA device unblocked?

Is that possible to configure internet via usb dongle n PA 220

Resolved! Is tech support file - Stored in DP or MP

Default username and password not working on PANOROMA

GLobalProtect agent can't connect to th internet

IPv6 over backup interface

Resolved! Init session - Is TCP 3 way handshake gets completed here?

Resolved! IPSEC tunnel is up but can not ping through

Issue with PBF rule

Require to monitor our VPN tunnels via the WhatsUp Gold monitoring tool

IKEV2 w Cert - Wildcard peer for DN does not work.

Transferring assets from one CSP Tenant account to another

Proper "outside" interface configuration

Configuring Palo Firewall into an IDS

A question about ECMP

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Re: SPARE device usage

Re: Upgrade path to 11.2.5 from 11.0.0 on a PA-410

Re: Global Protect application blank screen

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Jump in Suspicious HTTP Evasion Found and Suspicious TLS Evasion notifications

Resolved! Geography blocking to China, now need to make exception for a single IP address.

Resolved! Expedition Export

Resolved! User-ID Agent on MS Server 2019

Resolved! Is tech support file - Stored in DP or MP

Resolved! Init session - Is TCP 3 way handshake gets completed here?

Resolved! IPSEC tunnel is up but can not ping through