General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Is there a way to disable specific traps in PAN?

I have a long open issue with PAN TAC where the PAN 5060 is sending traps when detecting an issue with HA secondary availability. The HA is fine so these messages are just spam for practical purposes. Is there a means to disable these specific traps

...

Resolved! vwire for cisco ASA terminating ipsec vpn

We have cisco ASA where remote users ipsec connection terminate.

Need to confirm can we use the PA in vwire for this traffic?

Publishing website issue.

Hi Experts,

I am trying to publish a website, the webserver is behnid my Palo alto, i created NAT rule from public IP to be natted to the internal webserver IP address. What is starnge here is that i am not able to see my traffic when trying to reach ...

PLEASE HELP.. same config but not working! from PA 3050 to PA 3220

Dear experts,

I am moving from PA3050 to PA3220. I did export the current configurations from the old PA3050 and imported to the new PA3220, i committed successfully, but when i migrate cables from old device to the new one i get random issue! like s

...

Old certificate showing even after new certificate mapped to the ssl profile

Hello,

We are using Software Version - 8.0.8, Global Protect Agent - 4.0.4

One user is able to connect the VPN through portal but when accessed the URL from the internet still seeing the old certificate after new certificated mapped.

We tried to rein

...

Resolved! Recommended PAN-OS version

Hello

Please need to know the recommended upgrade PAN-OS version from Paloalto for PA-3020.

Appricate your help

Thanks

Preventing Split-Brained Monster, HA Failure Technique Idea?

I am trying to develop a technique to handle HA failure conditions, between two PA units, in an "Active/Passive" configuration.

What I want to try is to connect an HA1 link to an intermediate switch. By default, what I notice is that if I take down t

...

Global Protect connects even machine certificate not present in store

Has anyone encountered this issue ?

https to portal interface IP gives an error "Valid client ceriticate required".

GP users are still able to connect to GP VPN even if machine certificate not present in store.

I have Global protect Portal configura

...

File Blocking applications

What is the reason that the Applications field within File Blocking Profiles only allow a subset of all applications? For instance, I have a file blocking profile that alerts on several file extensions for webmail applications I've specified, and I'm

...

Resolved! Mitigating CVE-2019-5786

Anyone know which Content Update (released or upcoming) might contain a mitigation for CVE-2019-5786?

Description: https://www.helpnetsecurity.com/2019/03/06/chrome-cve-2019-5786/

Cheers

Resolved! Global Protect and no Source User Identified

I have a user with Windows 7 and Global Protect who couldn't get to an internal web site. When I went to look in Monitor/Logs/Traffic I could see that the Source User field was blank and therefore not hitting the anticipated allow policies. He says i

...

Resolved! GlobalProtect Multiple Portal Support

I have GlobalProtect 4.1.3-8 and durning the install I added to portails and there is now a portal selection at the bottom but ater make a connection it is always grey and I see no wat to log out of the current connection.

This is on a Windows 7 ins

...

Pushing Local Admin Accounts from Panorama

Hi,

Please forgive me if this is a stupid question as I am quite new to Palo Alto firewalls and Panorama.

We currently have Panorama running on PanOS 8.1.6 and the same for our firewalls.

We are using AD accounts for all our Administrators using radi

...

Resolved! Is there an equivalent to "tail -f log" or viewing the last x log messages?

I have some 5220s, but I am assuming this question would relate to other platforms, as well.

On the 5220s, is it possible to look at the last x number of log messages, depending on the log type, or a PAN OS equivalent to the Unix "tail -f logfile," f

...

Can't push template stack to PA-220 (getting new errors every time)

Can someone help me configure this firewall from Panorama? I created a template stack and added 2 templates to it. The first template is a global template which has all the standard settings on it (banner, time zone, etc..). The second template ab

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free