General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

IP address is Exempt from SSL decryption But traffic log shows decrypted

There is this Microsoft Application autopilot with tons of urls and destination IP addresses. I have created the SSL decryption Rule on Top for no decryption for all those IP addresses. When i see traffic logs it shows decrypted when i see url logs it shows no decryption for those IP's.Is this by design? I never saw like this before?

MP18 by Cyber Elite
  • 2326 Views
  • 2 replies
  • 0 Likes

Resolved! Failover issues with Active/Passive

Hello, Using 3020 HA pair. We are currently having two issues regarding fail-over:Fail-over time from primary to secondary takes about two minutes. Fail-over back to the primary takes on average 10 minutes. This seems excessive for a production environment.Once failed-over from primary to secondary, our externally-facing websites become inaccess...

URL Filtering

Hi All, We were configuring different URL filtering profiles on PA 5250 firewalls for each environment. Since the requiremnet is one environment should access specific set of URL's and other should acccess another specific set of URL's. for example the PCI envirmnet should not access the URL's defined for the HIPPA environment. So, we are endin...

How can I validate that my TAXII output miner is working?

Hi! Been testing the product for a couple of weeks, and I really am impressed, but while the TAXII/STIX miners work well from HailATAXII, I'm trying to feed output from my aggregator into a TAXII output to push to other tools down the line that can ingest the indicators and match them up from what comes out of our internal malware analysis. (S...

Basic setup- PAN8.0 + Minemeld issues

Hello All, Having a problem getting a basic setup running feel I am missing something simple. - Fresh install of MM on AWS. Built using Ubuntu and the following link: https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-14-04/ta-p/98454 -Everything worked fine -Installed the O365 lists as this i...

Symbolic link - No such file or directory MineMeld 0.9.11-2build1 on Ubuntu 14.04.05LTS

Hi, I'm installing Minemeld behind a proxy server using the Ubuntu 14.04.05LTS image. The strange thing is that last week I've used exactly the same approach for demo purposes and Minemeld worked like a charm and got a 'Go' for it for production. This week, following the same approach the Minemeld instalation fails. I confirm that the VM has i...

Office 365 URL feeds include Dropbox and itunes?

Just started going through the new miners and looking over docs, we are not in production on our deployment for O365 yet. I understand there are app-Id's that would catch most of these, but I noticed that the URL Minemeld feed for the "any-any" version includes quite a few URLS....specifically including: www.dropbox.com www.youtube.com *.itun...

Sec101 by L4 Transporter
  • 10299 Views
  • 7 replies
  • 0 Likes

Resolved! Interface Management profile with public IPs?

Hi folks, We have a PA200 that is in a remote branch location. It's connected via IPSec tunnel for management purposes.After we had to switch it out last year because of a recall, I found it useful to create an interface management profile with our specific HQ public IPs access to it, in order to login to it when the IPSec tunnel was not availa...

OMatlock by L4 Transporter
  • 4853 Views
  • 3 replies
  • 0 Likes

Resolved! 2-Factor Authentication for Admin Login

HI all This is likely to have been asked before, but a search of the Live! forums didn't turn up anything relevantAs part of security best practices in my organisation, I'm looking to enable 2FA (via DUO) on the admin web interface I have the instructions for adding 2FA to user browsing via Captive Portal, and for adding 2FA to GlobalProtect con...

Block Hardcoded IP's containing files

Hello I am curious if there is a way to block hardcoded IP's containing applications? So I would allow downloads when there is a domain name but not allow the download when it is a IP. Example: http://x.x.x.x/filename.exe

Failing to apply VM license

Hi Guys, I am trying to apply CSSP license on one virtual firewall. When I try to attach the received license I receiving the following error: "Failed to install licenses, Model incompatible: feature model is VM100 while the device model is PRA” I got the same for two different firewalls, I am starting to suspect that the template has some issue...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels