General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! How to enable API access for Minemeld

I have been working on syncing a manual localDB miner list via this Python script (https://gist.github.com/jtschichold/95f3906566b18b50cf2e3e1a44f1e785) When I use it, I get 'Unauthorized' when trying to access /status/minemeld. If I manually authenticate via browser first then attempt access, it works. My question is do you have to change...

hbiglin by L0 Member
  • 8373 Views
  • 4 replies
  • 0 Likes

Developing my first Extension: MineMeld Server now reports ERROR RETRIEVING EXTENSIONS LIST

I worked on my first extension today (based on the structure and files of youtube-miner). As soon as I imported it into MineMeld I got the ERROR RETRIEVING EXTENSIONS LIST: INTERNAL SERVER ERROR red box of shame. What log should I be looking in for clues? I've searched a bit and I know this was the path of the local folder. I removed i...

Resolved! wlc monility and EoIp traffic

Hello All, I have WLC and anchor-WLC with PA firewall in between, I have rule allowing EoIP and wlc-mobility APPs with application-default service selected, I don't see on monitor tab any single packet logged, even though I know for sure it is there, I was able to see it through PA CLI with debug filter set(EoIP example packet below):Packet rece...

evdanil by L1 Bithead
  • 7528 Views
  • 4 replies
  • 0 Likes

Resolved! running-config to candid-config OR candid-config to running-config

Hello All, Kindly help understand the concept. I am preparing for my PCNSE and I was reading through the a manual provided by Palo Alto (EDU-255). Under Configuration Operations, at one point the document reads that “the running configuration is copied to a candidate configuration during firewall startup”. On the very next page, the document rea...

Creating Minemeld IPv4 Lists

I'm a newbie with Minemeld and Autofocus. I'm looking to create a Minemeld Miner that will maintain IPv4 Whitelist based on an AWS Site that is load balancing and/or using DNS Round Robin.The CDN that we're pulling data from lives in AWS and IP Address Resolution is constantly changing (see api.ebass-emmi.eu). My plan is to create a External Dyn...

Resolved! What are you using to implement SNMPv3?

I'm taking on the task of setting up SNMPv3 on a firewall but will be starting from scratch with no tools, programs, scripts, etc. in place so I have a lot of flexibility (and also a lot of work ahead). I won't be doing traps but mostly looking at CPU and interface traffic. I would like to know what programs, etc. others are using so I can get a...

Can we create same VLAN ID on two different aggregate interface on the same vsys enabled device ?

Hello All, I want to assgin same vlan id two different aggregate interface which will be assign to different vsys created on the 5220 device and assgin public IP address as well which are in same subnet. The exact requirement is below :- created two vsys :- Internet1 and Internet 2 Internet 1 vsys has ae1 aggregate interface assigned with subin...

Email Alert Formatting - PanOS 8.0

I'm looking to make my email alerts more readable, especially for certain cases where rapid response is key. I have log forwarding configured and all, but the defaults contain way too much information. If possible I'd like to add some custom verbage, and use variables for the data I actually need, while disabling the rest. Could anyone point me...

magates by L2 Linker
  • 2915 Views
  • 1 replies
  • 0 Likes

Adding additional public IP range

Hi all - I've been having a bit of trouble getting this to work - I've done it on Cisco & Sonicwall boxes before, but this is my first PA 3020. We were just assigned additional public IP addresses by our ISP. The existing block is 206.x.x.x/29 and the new block is 165.x.x.x/29, so they're note contiguous. I went into the Ethernet Interface...

bwade by L0 Member
  • 5566 Views
  • 3 replies
  • 0 Likes

Resolved! OS partition

Is there anyway to freeup space on the partition were the OS resides on the PA or is that automagically done when you upgrade the os. All articles dealing with clean up of the disk space has mainly to do with purging logs, the image repository, the configuration but not really the OS.

jdprovine by L4 Transporter
  • 4222 Views
  • 3 replies
  • 0 Likes

Security policy rule - allowing a specific host access to ftp.sophos.com

Hello, A colleague needs to access ftp.sophos.com (195.171.192.29) using Filezilla as their SFTP client, via TCP port 990. I set up the security policy rule as follows: They could not log onto the ftp.sophos.com site. The password credentials they used are correct. Is the rule set up correctly? On a Cisco ASA I would have used the following A...

Source.PNG
Destination.PNG
Service.PNG
Actions.PNG
rchung54 by L2 Linker
  • 14691 Views
  • 18 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels