Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Deleting Security-Policy Rules from CLI

I'm trying to find a way to mass delete a couple of rules from the CLI. Is there a way to do this?

I know you can run something like:

 

> show running security-policy | match Minemeld|MineMeld

But I have not found a way to actually remove one of the matc

...

fospina by L0 Member
  • 4060 Views
  • 1 replies
  • 0 Likes

Resolved! Office 365 and SSL decrypt

Hi

 

I have my PA's setup with O365 ip address and URL's using minemeld. Cool.

 

But I would like to decrypt that traffic and I find that de crypt ssl breask lots of O365 stuff.

 

Does somebody have a list of stuff I can de crypt or what I can't decrypt or

...

DMVPN router traffic through DMZ to trusted LAN

We are setting up DMVPN routers for on-demand VPNs from our remote sites to HQ.  our DMVPN routers have the front end exposed to internet and the back end is on our special DMVPN DMZ.  When the VPN is built from the remote site traffic from the site

...

Resolved! GP 4.1.1 wanting me to downgrade to 2.1.1 as an "Update"

I haven't had this issue with any other 4.1.1 clients I have installed for my users. We have been slowly rolling  out 4.1.1 while upgrading machines and replacing them with users. This morning when I came in to finalize a deployment GP 4.1.1 is now p

...

wtf gp.png
nrhoades by L0 Member
  • 2713 Views
  • 3 replies
  • 0 Likes

Query on wildcard certificate

Hello,

 

Our wildcard certificate doesn't have any SANs associated with it.

 

Is this a requirement for usage of a wildcard cert?

Can I use the same certificate for both web management and GP?

 

Thanks in advance.

Farzana by L4 Transporter
  • 2273 Views
  • 2 replies
  • 0 Likes

Resolved! Check other Panorama admin accounts last login time

Hi,

 

Please can someone tell me if there is a way to check the last login time of administrator accounts other your own account on Panorama (8.1.1) ?

 

We have multiple administrators and need to be able to identify accounts which are not being used. I

...

Dancourt by L0 Member
  • 3928 Views
  • 2 replies
  • 0 Likes

Resolved! downgrade from 8.1.3 to 7.1.16

I am trying to develop an upgrade path from 7.1.16 to 8.1.3 and i have a test PA220 that I am working with. I don't want to have to to a factory reset to my test firewall but so far it has allowed me to upload a 7.1.16 image, but they when i try to i

...

jdprovine by L4 Transporter
  • 1833 Views
  • 2 replies
  • 0 Likes

Resolved! Site / urls you don't want to decrypt

Hi

 

I have a set of decrypt rules

 

1 to no decrypt based on 

src address

or 

dst address

or 

url - the usl is from custom objects / url category where I add in url's lile *.lync.com

 

then i do my decrypt line so the above gets hit first and then the decrypt

 

...

ssl decryption and temp cert management

Hi

 

I ran into an issue with the decryption cert being provide by my PA it had expired.

 

it was 30 days in. I believe this is an issue with the date time comparision and timezones as it has fixed itself today.

 

How do i find / look at these temp certs v

...

Dynamic update error " Failed to upload image..."

While trying to push dynamic updates from Panorama to managed devices it is failing for some of the devices(PA-200)

It gives an error " Failed to load image.."

We have checked the licenses of the devices for which dynamic updates are failing and found

...

tac.in by L3 Networker
  • 5941 Views
  • 3 replies
  • 0 Likes

Rest API for CPU utilization

Hello, 

 

I'm trying to create a Rest API URL to check the CPU utilization on my management and data planes and create a report to monitor over time. Using commands like show running resource-monitor did not give me exactly what I was looking for. I us

...

  • 23584 Posts
  • 107 Subscriptions
Labels