General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! SSH to HA1 port - Password

Trying to ssh the active device from passive using HA1 IP address

mparmar2@Lab-EOCDC-NGFW-1(passive)> ssh port 28 host 1.1.1.11

mparmar2@1.1.1.11's password:

Permission denied, please try again.

mparmar2@1.1.1.11's password:

Permission denied, please tr

...

Resolved! Failover issues with Active/Passive

Hello,

Using 3020 HA pair. We are currently having two issues regarding fail-over:

Fail-over time from primary to secondary takes about two minutes. Fail-over back to the primary takes on average 10 minutes. This seems excessive for a production envir

...

Does PA-800 Series support IPS & IDS?

URL Filtering

Hi All,

We were configuring different URL filtering profiles on PA 5250 firewalls for each environment. Since the requiremnet is one environment should access specific set of URL's and other should acccess another specific set of URL's. for example t

...

How can I validate that my TAXII output miner is working?

Hi! Been testing the product for a couple of weeks, and I really am impressed, but while the TAXII/STIX miners work well from HailATAXII, I'm trying to feed output from my aggregator into a TAXII output to push to other tools down the line that can

...

Basic setup- PAN8.0 + Minemeld issues

Hello All,

Having a problem getting a basic setup running feel I am missing something simple.

- Fresh install of MM on AWS. Built using Ubuntu and the

following link:

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMel

...

Symbolic link - No such file or directory MineMeld 0.9.11-2build1 on Ubuntu 14.04.05LTS

Hi,

I'm installing Minemeld behind a proxy server using the Ubuntu 14.04.05LTS image.

The strange thing is that last week I've used exactly the same approach for demo purposes and Minemeld worked like a charm and got a 'Go' for it for production.

T

...

Office 365 URL feeds include Dropbox and itunes?

Just started going through the new miners and looking over docs, we are not in production on our deployment for O365 yet. I understand there are app-Id's that would catch most of these, but I noticed that the URL Minemeld feed for the "any-any" vers

...

Resolved! Meaningful difference 820 vs 850 suggestions

Besides the throughput, sessions, zones, address objects, decrypt sessions, does anyone have suggestions on noticeable differences between the 820 vs 850 for performance?

Active/Active HA

What did it mean in Active/Active
· Session owner
· Session setup

Resolved! Interface Management profile with public IPs?

Hi folks,

We have a PA200 that is in a remote branch location. It's connected via IPSec tunnel for management purposes.

After we had to switch it out last year because of a recall, I found it useful to create an interface management profile with our

...

Resolved! 2-Factor Authentication for Admin Login

HI all

This is likely to have been asked before, but a search of the Live! forums didn't turn up anything relevant

As part of security best practices in my organisation, I'm looking to enable 2FA (via DUO) on the admin web interface

I have the instruc

...

Block Hardcoded IP's containing files

Hello I am curious if there is a way to block hardcoded IP's containing applications? So I would allow downloads when there is a domain name but not allow the download when it is a IP.

Example: http://x.x.x.x/filename.exe

Failing to apply VM license

Hi Guys,

I am trying to apply CSSP license on one virtual firewall. When I try to attach the received license I receiving the following error:

"Failed to install licenses, Model incompatible: feature model is VM100 while the device model is PRA”

I go

...

what’s the name of database where App-id,cotent-id is stored.

What’s the name of database where App-id,cotent-id is stored.

and Location where it is saved

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! SSH to HA1 port - Password

Resolved! Failover issues with Active/Passive

Does PA-800 Series support IPS & IDS?

URL Filtering

How can I validate that my TAXII output miner is working?

Basic setup- PAN8.0 + Minemeld issues

Symbolic link - No such file or directory MineMeld 0.9.11-2build1 on Ubuntu 14.04.05LTS

Office 365 URL feeds include Dropbox and itunes?

Resolved! Meaningful difference 820 vs 850 suggestions

Active/Active HA

Resolved! Interface Management profile with public IPs?

Resolved! 2-Factor Authentication for Admin Login

Block Hardcoded IP's containing files

Failing to apply VM license

what’s the name of database where App-id,cotent-id is stored.

IKEV2 w Cert - Wildcard peer for DN does not work.

Transferring assets from one CSP Tenant account to another

Proper "outside" interface configuration

Configuring Palo Firewall into an IDS

A question about ECMP

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Re: SPARE device usage

Re: Upgrade path to 11.2.5 from 11.0.0 on a PA-410

Re: Global Protect application blank screen

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! SSH to HA1 port - Password

Resolved! Failover issues with Active/Passive

Resolved! Meaningful difference 820 vs 850 suggestions

Resolved! Interface Management profile with public IPs?

Resolved! 2-Factor Authentication for Admin Login