General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! O365 URL rewrite

I'm using minemeld to pull the O365 urls into my PAN. I get a list that has entries like
*.domain.com
sub.domain1.com

I need to import those entries and rewrite them so they look like
*.domain.com/
domain.com/
*.sub.domain1.com/
sub.domain1.com/

Any po

...

Resolved! Dropbox Client not working

I have a policy rule to allow dropbox. I am performing SSL Decryption. The users are using the dropbox client (not web). I came across this article that mentions this will not work when decrpytion is on

https://knowledgebase.paloaltonetworks.com/KC

...

Resolved! URL Filter Test A Site page is broken

For about the last week https://urlfiltering.paloaltonetworks.com/ has been broken in way that makes it impossible to submit reclassification requests.

I have several sites that I'd like to reclassify, but I have been unable to do so.

When will this b

...

PCAP with only source IP Filter and Global counters

Hi Everyone,

For certian cloud apps we do not know specific destination IP as users have given is list of urls and multiple subnets.

My question is if we do PCAP with only source IP as filter and then do the PCAP and check the global counters for err

...

expired or resetted password issue with GlobalProtect Agent 4.1.6

An expired password change or a resetted password cannot be changed when using the Global Protect credential provider and PAN agent 4.1.6

I re-installed PAN agent 4.1.2 and tested this to verify if it was PAN agent related because this issue was a new

...

Resolved! App-ID Issues with Dropbox traffic

Hello,

We've got QoS setup on a PA-220 that classes any traffic marked with the dropbox App-ID. This class is then restricted to 2mbps. However we find that not all traffic generated by the Dropbox Sync client is marked as dropbox. Sometimes it's jus

...

Unable to get multiple global protect working.

PA3020 ,8.0.12.

I have working GP with a public ip.

I am trying to setup 2nd GP with 2nd public ip.

This 2nd ip is used as destination nat for rdp as well.

When I configure the loopback interface with 2nd ip and use it in portal and gateway ,rdp gets bro

...

How will threat functionality work with asymmetric routing

Posted this on threat discussions but havent had any responses. Please help me understand what will happen in this case.

I would like to understand what will happen to Threat Protection and AntiVirus(TPAV) in the following case. Both firewalls have

...

Seeson end reason aged out

HI friends,

We have created interzone rule looks like below

<entry name="Rule1>
<profile-setting>
<profiles>
<url-filtering>
<member>default</member>
</url-filtering>
<virus>
<member>default</member>
</virus>
<spyware>
<member>Sinkhole</member>
<

...

Rule base management best practices

Hi Everyone,

I'm new to the Palo Alto firewall system. My experience is with Checkpoint firewalls. I've been asked by management to look into the best practices for rule base management.

Currently we go through the rule and look at every rule and try

...

Log retention in firewalls and panorama

Hi, I have the following question related to log management:

why PAN-70X0 can't send event logs to Panorama ?
are the event logs stored in compressed format ? If so, what is the compression ratio ?

Regards

Mario

Looking for more information about Win32.Conficker.C p2p(12544)

Hi,

I am starting to see this threat id a lot but we are unable to find a machine that is infected. What does this really mean?

Resolved! Panorama failover and connection to Firewall

We have M100 in active and PAssive mode.

Did failover where active was suspended and passive M100 became active

Check the firewall it still shows connected to Suspended PAnorama and it is active one from FW point of view?

is this by design?

Resolved! Minemeld SSL Certificates

Hi - 2 questions:-

> How do we change the default SSL certificate on Minemeld? Standard Apache cert replacement?

> If we have a custom source running SSL with a self-signed cert, can we force a HTTPS miner to ignore the cert error?

Thanks!

Resolved! Load Partial Config: merge vs append

When loading a partial config you have 3 options: replace, merge, append. I can't find a description anywhere as to what exactly each of these does! Especially between merge and append. I did see this KB article but it really doesn't explain the

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help