General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Dual WAN (ONE ISP and MPLS link)

 Hello All,

 

Need your help/guidance on the following requirement

 

We have 2 WAN links, One ISP with Static public IP and  MPLS connection for Internal server access.

 

Requirement: 1) All the Internal users (Trust Zone) has to go through ISP Wan for Int

...

Sharan.k by L0 Member
  • 1475 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent exclusion list

Hi All

 

Is it good practice to exlude all server subnets in exclude list as I believe we are not interested in administrators to IP mapping for servers?

 

What could be the user cases for exlcude list on firewall and user-id-agent?

Template stacks limitations

Hey all,


I think I am hitting a limitation on the template-stacks, but maybe there is a nice workaround that you guys can help me with...

 

Contrary to Device groups, which have "shared" objects, templates use stacks which is a little different.
The limi

...

mr.linus by L4 Transporter
  • 4726 Views
  • 4 replies
  • 2 Likes

Resolved! User-ID based policies exclusion

Hi

 

I want to enable user-id features in all security policies. But I have a question, from users to Domain controller, I should not use user-id feature? as firewall does not know about user-ip mapping untill users are login to domain controller?

Also

...

Resolved! Zscaler and Minemeld v2

Hello,

 

I'm trying to get simple data from https://ips.zscaler.net/pac/json. I tried to exploit the extractor with http://jmespath.org/ but really, I don't think I need an extractor here, just indicator "ip".

But it doesn't work :

age_out: defau...

GlobalProtect Client is not Connecting

 Hi there , 

 

i'm new here , hope i get a reply  

 

i'm using an ipsec tunnel between two site .

 

in the second site i'm not able to use the globalprotect , he cannot connected .

 

but , when i change the desktop dns to 8.8.8.8 it worked . 

 

any solution !

...

Resolved! Issue with Windows Insider Updates when using SSL Decrypt

PAN-OS 8.0.x

We have users not receiving updates for Windows Insider Program builds when SSL decryption is enabled.  

 

Does anyone know what changes need to be made to make this work?  I've solved a few other SSL decryption issues where decrypt-excepti

...

DMast by L2 Linker
  • 5096 Views
  • 9 replies
  • 0 Likes

Non-reordered IoC feed

I have an IP IoC feed that I would like to ingest and re-publish via MM.

 

The feed is ordered by priority i.e. earlier addresses are newer\more active\higher risk, but if I ingest and publish (miner -> output) it is re-ordered by numeric order.  Is

...

apackard by L4 Transporter
  • 1930 Views
  • 1 replies
  • 0 Likes

Using Minemeld to mine Adobe Creative Cloud addresses?

I saw this link where someone was looking at this same type of thing I am trying to do but I have not seen someone actually create the miners for Minemeld w/ Adobe. I am looking at their GitHub on how to create a miner for them myself, but I figured

...

acdop100 by L0 Member
  • 3307 Views
  • 1 replies
  • 0 Likes

Decrypt Port Mirror problem

We have decrypt port mirrior license on our PA-850

But under interface types we can not see the Decrypt mirror type interface

The Pan-os version is 8.0.8

 

Screenshot_7.png
Screenshot_8.png
Radmin_85 by L4 Transporter
  • 2571 Views
  • 5 replies
  • 0 Likes

Resolved! PA 500 not booting up

Hello,

 

we tried to make a factory reset on PA 500 following this link

 

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-perform-a-factory-reset-on-a-Palo-Alto-Networks-device/ta-p/56029

 

Finally we have not been able to make the factory

...

Denis by L2 Linker
  • 3293 Views
  • 6 replies
  • 0 Likes

VPN tunnel to a firewall NOT internet facing

Hi,

 

I have a scenario with two sites which has two sets (HA) of firewalls, external and internal. So external handles everything internet and behind the internal the datacenter resides. Clients are in between.

 

We have MPLS between the sites which ter

...

Filtering the monitoring log fails endlessly

Pretty often seemingly simple monitor filters seem to get our PA devices in an endless loop.

 

For example:

( rule eq management_services ) and !( addr.dst in a.b.c.d ) and ( app eq ms-sms )

 

will never succeed. The fitering start running, shows a couple

...

mvdven by L1 Bithead
  • 2274 Views
  • 5 replies
  • 0 Likes