General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect LSVPN Dual ISP Redundancy

I'm working on configuring a GP LSVPN Hub in our data center with dual ISP's for redundancy. I'm having some trouble finding a best practice guide for this type of configuration. Can anyone give some incite to this configuration? Can I acheive this with a single GP Portal, or will I need the secondary portal available in the event that the pr...

lerewrya by L0 Member
  • 4745 Views
  • 1 replies
  • 0 Likes

Resolved! stdlib.listIPv4Generic and range format

I'm feel like I'm being a bit obtuse here, however I can't figure this out. The stdlib.listIPv4Generic miner allows for either cidr or a range. However when I enter x.x.x.x-x.x.x.x it doesn't like this format. I've also tried things like x.x.x.[x-x] and the like. Does anyone know what range format this miner will accept?

chirss by L3 Networker
  • 4096 Views
  • 1 replies
  • 0 Likes

Mindmeld Whitelist Help (URL Filtering)

We have certain URL categories blocked with our PA firewalls. However, we need to setup a whitelist so we can unblock specific URLs that are in a blocked category. We want to use Mindmeld. Does anyone have good directions how to set up a whitelist in mindmeld and how to configure the firewalls to accept the feed? We have tried to set up a m...

EBL size limit - sorting output feed

I'm using a minemeld server to generate an external dynamic list for a PA-5220 runing version 8.1.4. The dynamic URL list exceeds the 50,000 entry limit. I've seen other posts recommending to use URL parameters to limit the list to the first 50,000 and that the list is sorted by age by default. (see https://live.paloaltonetworks.com/t5/MineMe...

dhenke by L1 Bithead
  • 3660 Views
  • 1 replies
  • 0 Likes

General troubleshooting for Office 365

I have set up the feeds, and the EDLs and added the EDLs into a policy. Whenk I run the command in the CLI "request system external-list show type url name o365-URLs", I retrieve the list in the PA firewall, and the list there matches the list in Minemeld. (Same goes for the IPv4 indicators) I am curious why there are zero indicators processe...

Minemeld.JPG

Updating MineMeld

Hi Guys I am running 0.9.48 and want to get to 0.9.50+ to utilise the latest Office365 feeds. I have checked the old method and I don't have the auto update utility installed /usr/sbin/minemeld-auto-update If it try this method as suggested sudo add-apt-repository -ry ppa:adiscon/v8-stable $ wget -qO - https://minemeld-updates.panw.io/gpg....

Custom search filters for Anomali

Hello, Is it possible to configure the Anomali miner to allow for custom queries? For example, in threatstream, I like to search for the following string in Analyze -> Observables. How can I configure the anomali.opticAPI miner to allow for this? ((type=ip and confidence >= 60 and itype!=scan_ip) or (type=url and confidence>=78 and sev...

otlaP5 by L0 Member
  • 3550 Views
  • 1 replies
  • 0 Likes

Minemeld installation errors on ubuntu 16.04

Hi, I'm trying to setup a new installation of Minemeld using the cloud installer and am seeing the following errors. it appears the Minemeld install never completes. I'm not well versed in ubuntu so any help is appreciated. The following packages will be upgraded: libestr0 rsyslog2 upgraded, 87 newly installed, 0 to remove and 4 not upgraded...

neuadmin by L1 Bithead
  • 19647 Views
  • 19 replies
  • 0 Likes

Failover Link Monitoring too long

Hello guys, I have 2 plao alto configured with HA Active/passive mode. On both firewall, I configured link monitoring on link group with ethernet 1/11 and ethernet1/13 that are aggregated on Ae1 with condition "ALL". Those interfaces are plugged to a switch with LACP configuration and this switch is plugged to the Intrernet Router. The objective...

Resolved! Hardware for Panorama VM

Do I need a full vSphere management suite for Panaorama VM deployement or whether I can get away with a free version of eSXi?

Resolved! blocking netflix application instead of url

currently i am blocking al the urls to netflix. so when user access the website they get message blocked due to url on cli i see PA has to do some processing in order to block the url .if i block the application netflix instead of url that will redice the cpu processing on the PA right?

MP18 by Cyber Elite
  • 4547 Views
  • 2 replies
  • 0 Likes

Resolved! Planning virtual deployment into cluster

I have a Hyper-V cluster that spans 4 hosts that I want to protect with a pair of PA VMs. My question is do I need a pair of PAs for each host or do I add these two into my existing cluster and make the trusted interface on my existing vswitch and untrusted interface the physical vmlan interface used by my hypervisors? If anyone has deployed a P...

All hallows eve is on our doorstep, time for some poetry

As it's becoming a yearly tradition, I'm challenging all of you to come up with something funny Last year we did pictures, this year we're going to have a go at Haikus! We'll be selecting a (or more ?!?!) winner(s) who will not only receive eternal glory in the hall of spooky fame, but will also receive some great 'loot' from our sarcophagus! ...

jack-o-lantern-badge-18[2].png
reaper by Cyber Elite
  • 2282 Views
  • 1 replies
  • 4 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels