This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Failed to pre-login to the portal cosbppan01.net.americas.agilent.com. Error 0

I am writing to you because in the company where I work we are having a problem while using Global Protect, some of my colleagues are no longer able to connect and receive the error you see below: 80) 11/20/18 09:55:43:156 Debug(2301): IPADDR=cosbppan01.net.americas.agilent.com,PORT=443,URL=/global-protect/prelogin.esp,POST=1,PROXY_AUTO=1,PROXY_...

Resolved! How to correctly visualize groups and users in security policy

Hi everyoneI’m working with a Palo Alto 3250 (Pan-OS 8.1.1).I made integration with LDAP, and configurated group mapping setting.My problem is when I want add any group or user in a security policy the object appear like cn=Admin,ou=groupadmin,dc=example,dc=com and I want to see just the user or the group, not visualize the full path of the user...

Resolved! Can't create Nat rule using more than one source address

Hi all, I'm trying to create Nat rule for source translate when the source is address group and it will not be bi-directional. The address group include 2 address from objects.The source translate is Static-IP tried to put object and specifric IP address with subnet (/32) I keep receiving the following error, also tried to use two-source address...

Nat rule error.jpg
SShnap by L3 Networker
  • 7516 Views
  • 6 replies
  • 0 Likes

Resolved! Autofocus Mindmeld whitelist microsoft

I'm running into an issue where I can pull in indicators from autofocus by creating a minemeld miner, the only problem is that I am getting a lot of windows.com and microsoft.com domains in the list. I've had the search from autofocus entered as malicious/grayware/phishing, but still the miner is pulling in microsoft domains and windowsupadate....

Sec101 by L4 Transporter
  • 7535 Views
  • 4 replies
  • 1 Likes

User-ID Agent

I have the User-ID agent on one of my domain controllers and I have the firewalls set to get the ID from that and it gets some ID's but doesnt seem to get all. So I thought maybe add active directory and exchange server monitoring. But I get errors in the panorama sysem log that just say connect-server-monitor-failure I set the account to domai...

dstjames by L2 Linker
  • 3157 Views
  • 2 replies
  • 0 Likes

To force client to switch to internal network

Hello allwe have mobile clients with GP which use corporate notebooks at home .It was configured user logon option to force the notebook to connect through GP when it connects to home WI-FI When the same worker comes back to workplace and plugged in the ethernet cable they still use the same GP networkIs there any way to force the client noteboo...

Radmin_85 by L4 Transporter
  • 11581 Views
  • 22 replies
  • 0 Likes

Installation Problem - Ansible

I'm trying to build a new Minemeld box on a fresh install of Ubuntu 16.04 (also tried Centos too) and wehn I run the ansible installer I get to a poin tthen the installer fails with this output, any ideas what's wrong? FWIW, I've tried installing as root and as a non-root user and am seeing the same results. TASK [minemeld : typings install]...

ethiSEC by L2 Linker
  • 11615 Views
  • 12 replies
  • 0 Likes

Resolved! mapping issue

Good Day to everyone.I have this issue almost every day. It doesn't happen with all users at one time.After restart, everything is working as it should work.I have probe enabled(20 minutes) and Enable User Identification Timeout(720 minutes).What can be an issue?

facebook palo alto issue.jpg

Resolved! URL Filtering

I changed some rules around to secure things a little more. I need to allow Netflix/YouTube either by user or subnet because it is now blocked with my changes. What is best practice to create a new policy to do so? I currently have a staff and student URL filtering policy in place.

Resolved! celery-worker 100% cpu usage

Hi I've had 100% CPU usage from the celery-worker processes for a few weeks now, I spent some time trying to resolve this but without resolution. I'm using a standard Ubuntu 14 appliance build. The issue is a looping of emerging threats downloading, rendering, repeat. I don't have the db permission issue some other users have reported, wh...

Importing o365-api-any-any.txt

I'm trying to append o365-api-any-any.txt to my existing config. The top 5 miners are displaying a red x thus I can't append them. If I remove them I can append however then I can't commit as they're missing. What am I doing wrong? Sorry, new to minemeld.

Chad00 by L0 Member
  • 5812 Views
  • 4 replies
  • 0 Likes

Global Protect LSVPN Dual ISP Redundancy

I'm working on configuring a GP LSVPN Hub in our data center with dual ISP's for redundancy. I'm having some trouble finding a best practice guide for this type of configuration. Can anyone give some incite to this configuration? Can I acheive this with a single GP Portal, or will I need the secondary portal available in the event that the pr...

lerewrya by L0 Member
  • 4645 Views
  • 1 replies
  • 0 Likes

Resolved! stdlib.listIPv4Generic and range format

I'm feel like I'm being a bit obtuse here, however I can't figure this out. The stdlib.listIPv4Generic miner allows for either cidr or a range. However when I enter x.x.x.x-x.x.x.x it doesn't like this format. I've also tried things like x.x.x.[x-x] and the like. Does anyone know what range format this miner will accept?

chirss by L3 Networker
  • 4001 Views
  • 1 replies
  • 0 Likes

Mindmeld Whitelist Help (URL Filtering)

We have certain URL categories blocked with our PA firewalls. However, we need to setup a whitelist so we can unblock specific URLs that are in a blocked category. We want to use Mindmeld. Does anyone have good directions how to set up a whitelist in mindmeld and how to configure the firewalls to accept the feed? We have tried to set up a m...

EBL size limit - sorting output feed

I'm using a minemeld server to generate an external dynamic list for a PA-5220 runing version 8.1.4. The dynamic URL list exceeds the 50,000 entry limit. I've seen other posts recommending to use URL parameters to limit the list to the first 50,000 and that the list is sorted by age by default. (see https://live.paloaltonetworks.com/t5/MineMe...

dhenke by L1 Bithead
  • 3580 Views
  • 1 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks