General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Custom Vulnerability Signature Name in Panorama logs

Anyone using custom vulnerability signatures in Panorama?

Simple example.

Threat ID 41000

Name SSH-Auth-Brute-Force

Using existing signature 31914 with Time Attribute to block source IP if too many login attempts in specified time period.

My issue is t

...

Resolved! Skype for Business vs Skype

Hi All,

is there a way for Palo to distinguish between Skype and Skype for business?

Application list only suggests you single Skype application...

Idea is to block regular skype and only allow skype for biz, maybe there are any weird workarounds....

...

Carve public Subnet without involving Vendor

Anyway to accomplish following without modifying routes at the router?

I have a subnet 1.1.1.0/24

1.1.1.1/24 PAN ETH1 Need to route 1.1.1.50 from ETH1 -> ETH3 as it sits behind ETH3. I need ETH1 to reply back to router when it says arp who has for 1.

...

Resolved! ip id in wireshark to confirm PA is not dropping the traffic

I am troubleshooting sharepoint connection to cloud on port 443

pcap and global counters show no drops

i see no discards in the cli.

when user access the website he sees blank page no contents

if i confirm the ip id in pcaps of the PA is same from rec

...

User lockouts in STS (external authentication service)

We are experiencing a high number of user lockouts with our externally accessible STS.

The traffic is HTTPS so it is making it through our blocking policies.

We are requiring MFA through DUO but the challenge/response for the username/password is hap

...

ISC DHCP Server Zero-Length Client Identifier Remote Denial Of Service Vulnerability

Can a vulnerability quit showing up in the threat logs but still be there or a issues?

for instance this

Name: ISC DHCP Server Zero-Length Client Identifier Remote Denial Of Service Vulnerability

Unique Threat ID: 35223

Upgrading from 8.0.6 to 8.1.4 Issue

I am trying to upgrade from 8.0.6 to 8.1.4.

I can upload the image via the GUI and it states it saved. I use the cli to install the software package and it fails. I have downloaded 8.1.0 and 8.1.4. Do I need to upgrade to another iteration first?

Sid

...

Resolved! Downgrade from 8.1.3 to 8.0.13

Hi 2 all

What is "best practice" to downgrade from 8.1.3 to 8.0.13 step by step?

For PA VM-300

Security Policy organization best practices?

We're working on an audit of our security policies to start getting rid of some generalized rules and start making things more specific. I figured we could do some organization at the same time. I'm curious how others are organizing their security

...

Resolved! Block Domain on NGFW

Hello,

can you anyone let me know how i block access based on domain name, e.g. i want a rule to allow all SMTP inbound except from domain testblock.com, how do i do this?

Thanks

Ryan

Resolved! Global Protect Portal Cached credentials

Under Global potect client logs i see in PAN GPA logs

cached credential for the portal

does it mean it i using username and pw for only the portal connection?

if i do not want portal to use cached credential what config change i need to do?

Source User is empty in Monitor tab

Hello!

Sometimes the "Source User" column is empty. What should I check in the settings?

PAN version 8.0.10

Thank you!

Upgrading from PANOS 8.1.3 to 8.1.4h2

Hello,

I'm currently running 8.1.3 on a pair of 3020s. Can I upgrade from PANOS 8.1.3 to 8.1.4h2, or do I need to install 8.1.4 first?

Many thanks,

Roberto

Issue in Retrieve framed IP address attributes from authentication server

HI Guys,

I have deployed radius server for authenticating the third party Ipsec clients.

When I connect to global protect from my mobile third party ipsec client it is getting connected via x auth support enable in global protect gateway and authent

...

Resolved! Policy not catching correct traffic

Hi all, first time poster so go easy!

We're running into an issue where a rule that is meant to catch ether-ip traffic on port 20033 is slipping through and being caught by a lower rule which allows any application and service. Rules as follows:

Whe

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource