This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

LDAP APP

We have a rule based on LDAP . However after enabling SLDAP on server end, Palos don't identify it as LDAP rather they identify it as SSL based traffic . what is the ideal way of defining the rule for it now 1. To define a rule above with Application- ANY and port and protocol as tcp-636. ? is there a better way to define it 2. To define a rule ...

Output node prototype that allows to specify file type (extension)

We have product in place that requires the indicators to be in a text file and verifies if the file type extension is ".txt" ( --> e.g. Pulling from https://ransomwaretracker.abuse.ch/downloads/CW_C2_URLBL.txt diretly works but doesn't when pulling from Minemeld by using any standard EDL prototype --> ..feeds/feedHCWithValue-RSWT1 ). Doe...

MaHe by L0 Member
  • 2976 Views
  • 2 replies
  • 0 Likes

Minemeld Error pulling O365 IP lists

I just stood up my Minemeld instance, was able to get it configured and verified it is pulling data from the default miners. When following the steps to secure O365, I am getting an error with the miner picking up the data. It constantly times out. I have read elsewhere on here that there should only be a read attempt each hour or they will l...

image.png

Resolved! Download MineMeld, Access Denied???

Having an unusual problem I cannot find a link that will allow me to download mindmeld.... and for the record there are lots of articles on the PAN site that have links, like this one https://minemeld.s3.amazonaws.com/minemeld-vm-0.9.11-3build2.ova When I click on it the following happens.... AccessDeniedAccess Denied1AA4195C840FC24750SPry...

Cannot upgrade Minemeld

After reading PAN-SA-2019-00015– Cross Site Scripting (XSS) in MineMeld, I need to upgrade to version 0.9.62 but this is what I get: ubuntu@sfovp-minemeld:~$ sudo /usr/sbin/minemeld-auto-update 2019-06-28 16:45:57,709 INFO:0.9.11 Current status: 2019-06-28 16:45:57,710 INFO:0.9.11 minemeld-engine: current: 0.9.52.post1 latest: 0.9.52.post1 201...

SSL Inbound Decryption with a web proxy doing SSL Forward Proxy!

Hey girls/guys. My clients on the internal network, talk to a web proxy on the internet that performs SSL forway proxy. This traffic traverses the Palo Alto firewall - we would like the Palo Alto to see inside this traffic for threats,etc. Note: The web proxy must stay - we cannot move this function to the Palo Alto firewall. Is it possible to i...

Looking for a keyword report

Hi Everyone,I would like to create a report that sends me a email either straaight away or on a schedule, that when a user performs a search for a keyword i.e suicide I am alerted. I workout how to create a report if the url contains a keyword, however that is not what I am after. Many thanks in advance for any suggestions. RegardsPaul

packet size

Hi,How the packet size impact throughput .Why do we require higher throughput when the packet size is small. How do we identify the packet size during the poc time ?which service will be using the smaller packet size ? Thanks

simsim by L4 Transporter
  • 5523 Views
  • 3 replies
  • 0 Likes

Internal Gateway not working

I'm trying to create an internal gateway to be able to capture User ID fully and start creating User ID based rules. I created the dns records and put the gateway on a loopback interface on the firewall that is in the internal trusted zone. I have done the cert work and confirmed that the name resolution is working. When looking at the logs it...

Authentication with LDAP server failed because received empty DN for user

Hello community, I have an issue and maybe you know the reason. Here the situation:Trying to create an authentication profile to authenticate with active directory but it´s not working.When testing the profile with "test authentication ... " command I get the following error:Authentication to LDAP server at X.Y.Z.E for user "......"Egress: X.X.X...

Carracido by L4 Transporter
  • 6566 Views
  • 1 replies
  • 0 Likes

Resolved! Source User ID being replaced by service account for SCCM

We have a service account for SCCM (Microsoft's System Center Configuration Manager) which will log onto our user PCs to run a scan to identify what is on the device. At times this account will log on after the user and will make it so the firewall sees the service account instead of the actual source user's ID. I have asked and we are not abl...

Recommended Version

Good Morning: What is the recommended version for the Palo Alto 3050 series firewalls? We are currently running 8.1.8 What are your thoughts on 9.0.2-h4? Are there any problems with it, or should we more likely than not be good to go?

birkhojk by L2 Linker
  • 4282 Views
  • 2 replies
  • 0 Likes

Custom URL Category and SSL Decryption

Hello all, We have a custom URL category created to exclude sites from SSL decyption. We have the category set to no decrypt on the firewall but recently we encountered an issue where URLs that we add to the custom object were not getting categorized as such. We talked to PAN TAC and they recommended adding a "/" to the end of the URLs. We teste...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks