General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Minemeld Installation OVA + ISO : LiveCD or removable?

Hi everyone,

I want to install Minemeld following the official tutorial [1] that uses an Ubuntu OVA + MineMeld ISO that installs the software during the first boot. My question is if that ISO can be removed after first boot and the consecuent install

...

Azure Datacenter IP Dynamic List Issues

Hi all,

We have the azure_cloudIPS miner, processor and outpur working and can view the list of IPs via the link (https://minemeld.mycomp.com/feeds/AZ_DC_IPS). We have simplar feeds setup of Office365. However, the on teh PaloAlto, the dynamic l

...

Advise on using AD user-id in local PA groups?

I am struggling with utilizing ActiveDirectory groups in firewall policy. My concern is then our AD administrators have control over transversing our firewall policy. Generally speaking say for example we have a FW policy setup where AD group ServerA

...

Resolved! How often does the Integrated User Agent query the Domain controller for security logon events?

Hi;

How often does the Integrated User Agent query the Domain controller for security logon events? Is this period the same if you run the agent on a separate host?

Can you change this time.

Kindly

Wasfi

Resolved! New GP deployment - DNS, ping, and tracert work, but no app traffic

I've set up a new GP config on a new PA-820 firewall. I have an old firewall I'm replacing, but I'm running them side by side. On the new 820 GP, I can connect with a GP client, and then ping internal servers. I can verify that DNS is working with ns

...

Resolved! What happens when you do switch user, does the integrated User Agent logoff the original user?

Hi;

What happens when you do switch user, does the integrated User Agent logoff the original user? Does the original entry in the user to IP mapping table get overwritten ?

Kindly

Wasfi

Resolved! User-ID Proof Of Concept - With Proxy

Good afternoon Team,

Pardon my stupidity here. I'm running a PoC at the minute and customer is keen on the User-ID aspect. However, the have most of their users behind a proxy.

We have configured the PoC in standard TAP, with LDAP server profile etc

...

One to one NAT mapping for many to many

Sonicwalls have a setting that allow a /24 subnet being natted to a different /24 subnet to get mapped on a one to one basis.

Example, 192.168.1.10 will get bidirectionally natted to 10.0.0.10, 192.168.1.11 will get bidirectionally natted to 10.0.0.

...

Query on Split tunneling

Hello,

We are trying to exclude one IP from including routing in split tunneling.

VPN is working, however, I found that when going to 192.168.16.22, still through VPN rather than local LAN.

What we need to setup is ONLY this range, 192.168.0.0/16, wil

...

Resolved! Can Wildfire be integrated with Traps?

Hi;

If Wildcard declares a file to be melisious after having been downloaded by one user, then what? Can Wildfire inform End Point Protection Traps management to quarantine that particular user device?

Kindly

Wasfi

Resolved! What is applied first Wildfire profile or AV profile? Is the file AV scanned or sandboxed first?

Hi;

My understanding is that the PAN OS performs a hash of the file, then checks with Wildfire to see if this file has been seen or not. If it has not been seen, then it performs an AV scan on it to determine if it matches a known signature. If the f

...

Many to many dynamic NAT (/24 to /24)

Is there a way to make a dynamic NAT rule that translates one /24 subnet to another /24 subnet work in both directions and map last octet to last octet? There's a way to do it in Sonicwall so if your natting a subnet to another it will make .20 on th...

Resolved! What's the best user to block internal users trying to access the internet with a VPN client

Hi;

What's the best way to block internal users trying to access the internet with a VPN client. I mean I want to disallow all internal users from establishing a VPN while on the "Trusted Zone", whether it is an IP-SEC or SSL VPN.

Kindly

Wasfi

Resolved! Why Panorama commit is always not greyed out

Why Commit in Panorama is not greyed out even though there is nothing to commit

Problem with user mapping and GlobalProtect connection

Hello!

The access to GlobalProtect is done using certificates, it works alright, users are authenticated and identified by sAMAccountName.

Sometimes happens that the firewall re-maps the already identified user substituting the sAMAccountName with na

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Minemeld Installation OVA + ISO : LiveCD or removable?

Azure Datacenter IP Dynamic List Issues

Advise on using AD user-id in local PA groups?

Resolved! How often does the Integrated User Agent query the Domain controller for security logon events?

Resolved! New GP deployment - DNS, ping, and tracert work, but no app traffic

Resolved! What happens when you do switch user, does the integrated User Agent logoff the original user?

Resolved! User-ID Proof Of Concept - With Proxy

One to one NAT mapping for many to many

Query on Split tunneling

Resolved! Can Wildfire be integrated with Traps?

Resolved! What is applied first Wildfire profile or AV profile? Is the file AV scanned or sandboxed first?

Many to many dynamic NAT (/24 to /24)

Resolved! What's the best user to block internal users trying to access the internet with a VPN client

Resolved! Why Panorama commit is always not greyed out

Problem with user mapping and GlobalProtect connection

IKEV2 w Cert - Wildcard peer for DN does not work.

Transferring assets from one CSP Tenant account to another

Proper "outside" interface configuration

Configuring Palo Firewall into an IDS

A question about ECMP

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Re: SPARE device usage

Re: Upgrade path to 11.2.5 from 11.0.0 on a PA-410

Re: Global Protect application blank screen

Unlock your full community experience!

Rules and Best Practices

Resolved! How often does the Integrated User Agent query the Domain controller for security logon events?

Resolved! New GP deployment - DNS, ping, and tracert work, but no app traffic

Resolved! What happens when you do switch user, does the integrated User Agent logoff the original user?

Resolved! User-ID Proof Of Concept - With Proxy

Resolved! Can Wildfire be integrated with Traps?

Resolved! What is applied first Wildfire profile or AV profile? Is the file AV scanned or sandboxed first?

Resolved! What's the best user to block internal users trying to access the internet with a VPN client

Resolved! Why Panorama commit is always not greyed out