General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1237 Views
  • 0 replies
  • 0 Likes

Resolved! Can't create Nat rule using more than one source address

Hi all,

 

I'm trying to create Nat rule for source translate when the source is address group and it will not be bi-directional.

 

The address group include 2 address from objects.

The source translate is Static-IP tried to put object and specifric IP add

...

Nat rule error.jpg
SShnap by L3 Networker
  • 6629 Views
  • 6 replies
  • 0 Likes

Resolved! Autofocus Mindmeld whitelist microsoft

I'm running into an issue where I can pull in indicators from autofocus by creating a minemeld miner, the only problem is that I am getting a lot of windows.com and microsoft.com domains in the list.  I've had the search from autofocus entered as mal

...

Sec101 by L4 Transporter
  • 6852 Views
  • 4 replies
  • 1 Likes

User-ID Agent

I have the User-ID agent on one of my domain controllers and I have the firewalls set to get the ID from that and it gets some ID's but doesnt seem to get all. So I thought maybe add active directory and exchange server monitoring. 

 

But I get errors

...

dstjames by L2 Linker
  • 2897 Views
  • 2 replies
  • 0 Likes

To force client to switch to internal network

Hello all

we have mobile clients with GP which use corporate notebooks at home .It was configured user logon option to force the notebook to connect through GP when it connects to home WI-FI

 

When the same worker comes back to workplace and plugged in

...

Radmin_85 by L4 Transporter
  • 9906 Views
  • 22 replies
  • 0 Likes

Installation Problem - Ansible

I'm trying to build a new Minemeld box on a fresh install of Ubuntu 16.04 (also tried Centos too) and wehn I run the ansible installer I get to a poin tthen the installer fails with this output, any ideas what's wrong?

 

FWIW, I've tried installing a

...

ethiSEC by L2 Linker
  • 10528 Views
  • 12 replies
  • 0 Likes

Resolved! mapping issue

Good Day to everyone.

I have this issue almost every day. It doesn't happen with all users at one time.

After restart, everything is working as it should work.

I have probe enabled(20 minutes) and Enable User Identification Timeout(720 minutes).

What can

...

facebook palo alto issue.jpg

Resolved! URL Filtering

I changed some rules around to secure things a little more. I need to allow Netflix/YouTube either by user or subnet because it is now blocked with my changes. What is best practice to create a new policy to do so? I currently have a staff and studen

...

Resolved! celery-worker 100% cpu usage

Hi

 

I've had 100% CPU usage from the celery-worker processes for a few weeks now, I spent some time trying to resolve this but without resolution.

 

I'm using a standard Ubuntu 14 appliance build.

 

The issue is a looping of emerging threats downloa

...

Importing o365-api-any-any.txt

I'm trying to append o365-api-any-any.txt to my existing config.

 

The top 5 miners are displaying a red x thus I can't append them. If I remove them I can append however then I can't commit as they're missing.

 

What am I doing wrong? Sorry, new to mine

...

Chad00 by L0 Member
  • 5316 Views
  • 4 replies
  • 0 Likes

Global Protect LSVPN Dual ISP Redundancy

I'm working on configuring a GP LSVPN Hub in our data center with dual ISP's for redundancy.  I'm having some trouble finding a best practice guide for this type of configuration.  Can anyone give some incite to this configuration?  Can I acheive thi

...

lerewrya by L0 Member
  • 4350 Views
  • 1 replies
  • 0 Likes

Resolved! stdlib.listIPv4Generic and range format

I'm feel like I'm being a bit obtuse here, however I can't figure this out. The stdlib.listIPv4Generic miner allows for either cidr or a range. However when I enter x.x.x.x-x.x.x.x it doesn't like this format. I've also tried things like x.x.x.[x-x]

...

chirss by L3 Networker
  • 3740 Views
  • 1 replies
  • 0 Likes

Mindmeld Whitelist Help (URL Filtering)

We have certain URL categories blocked with our PA firewalls. However, we need to setup a whitelist so we can unblock specific URLs  that are in a blocked category. We want to use Mindmeld.

 

Does anyone have good directions how to set up a whitelist

...

EBL size limit - sorting output feed

I'm using a minemeld server to generate an external dynamic list for a PA-5220 runing version 8.1.4.  The dynamic URL list exceeds the 50,000 entry limit.

 

I've seen other posts recommending to use URL parameters to limit the list to the first 50,00

...

dhenke by L1 Bithead
  • 3399 Views
  • 1 replies
  • 0 Likes
  • 24172 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels