This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4238 Views
  • 0 replies
  • 0 Likes

Resolved! A new PA-3250 required licenses

Hi, I'm planning to deploy PA-3250 for a company. I've recommended the following modules for them as per their requirements:PAN-PA-3250-URL4-5YR.PAN-PA-3250-TP-5YR.PAN-PA-3250-WF-5YR. Now, i'm not sure if we must also include the premuim support license inorder to be able to opreate the firewall. Can I safely deploy the device without a support ...

Resolved! Updating MineMeld Miner indicators via http/https API requests from external systems ?

Dear MineMeld community, Can we add/remove indicators from a MineMeld Miner via http/https API? We currently have a simple automation system for IP whitelisting: External System sends an https request to an automation server with an IP address info and some another data: http://AutoRequest.com/request?ip=10.1.1.1&start_date=01/01/201...

Resolved! GlobalProtect - suppress the downgrade/upgrade prompt?

I noticed end-users will get a prompt to upgrade/downgrade their client, depending on whether the Activated version is lower or higher than their installed version.Is there a way to suppress and turn that off? It would IT controlled deployment upgrades more smoother and less confusing to end-users. Is this the setting here?

2018-11-05_9-23-39.png

GlobalProtect Connection Issue

The company I work for recently roled out paloalto vpn service for users to connect via VPNHowever one frustration most if not all users have observed is the initial connection via GlobalProtect client. Across all client versions and all OS's (Windows, MacOs) one thing which is causing frustration has been observed. * Instigating the connection ...

version.png
1.png
2.png
carterg by L2 Linker
  • 10658 Views
  • 5 replies
  • 0 Likes

SSL Inbound Decryption with ADFS

I am seeing issues with inbound decryption and ADFS. Through investigation, I found that the EC Curve 25519 is not supported, but is the default for Windows 10 and Server 2016. Per tech support, this will be available in the latter half of 2019 as a supported encryption standard. After moving off of the prevously mentioned curve, I am seeing t...

Resolved! Does BGP need to be on a separate virtual router ?

I'm currently using rip in a single virtual router. I'm adding BGP for a Microsoft Express Route circuit. I have a consultant to assist in the BGP setup. He says the BGP needs to be in a separate virtual router. Is there a reason for this that anyone knows ? His answer is PaloAlto requires it. ???PA3020. TIA, Greg

gefuchs by L1 Bithead
  • 9034 Views
  • 8 replies
  • 0 Likes

Resolved! Processor not pulling from Miner

Hello Folks, I recently created a new miner to pull domains from a threat intel provider. I can see the Miner is pulling the expected amount of domains. However, my associated processor is not pulling anything from the miner. I've already looked the the obvious things: like is Output enabled on my miner etc. I can see in the logs that the proc...

Untitled.png

User-ID picks up admin users ID not their proper login.

I have noticed that some of our users who have normal and privileged accounts are showing their "Privileged account" under User-ID. Querying in windows shows the correct user... show user ip-user-mapping ipIP address: 1xx.1xx.1.187 (vsys1)User: xyznet\jimp.adminFrom: ADIdle Timeout: 2638sMax. TTL: 2638sGroup(s): x...

Understanding URL Filtering Order / URL Filtering Precedence

I was searching high and low for URL Filtering Order / URL Filtering Precedence when trying to understand how to override an incorrect URL learned from an External Dynamic List. It took the help of our Designated Engineer to get a full and complete answer. I thought I would share the info here so others may benefit as well. This is based off of ...

global protect connecting through third party

HI Team We have PANOS 8.0.10 running PA-820 Cluster and we have configured Global Protect on those firewalls.Since Windows XP or 7 does not support for Global protect client, we need to use Cisco Any Connect instead.1). Can we use third-party VPN client to connect to the SSL VPN and which PANOS versions do it supports?2). If possible, can you ...

HemanthV by L2 Linker
  • 2520 Views
  • 2 replies
  • 0 Likes

Deploying Fresh install of Minemeld

After following complete steps to install Minemeld on Ubuntu 14.04. I run into this error on the last command from this link for manual installation. https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-14-04/ta-p/98454 Step 6 has you verify the Minemeld services have started. I get this error. ...

svacca by L1 Bithead
  • 12418 Views
  • 11 replies
  • 0 Likes

Resolved! App portal for mobile devices

Hi ! I was wandering if there is a way to set up some sort of webproxy, so the connections to services behind firewall would be secure (https). We have some services that runs via http an would like to publish them to internet but we would like to make it more secure. One solution would be (if Palo Alto has it) to have a mobile application with ...

Global Protect portal -- Multiple Client Authen

I have configured GP portal under client Authen I have configured two one is Radius and other is test -- local database Radius is at top and below it is test using local database. When i use the local database account authen does not work. To make authen work via local database i have to move it up. Does GP portal supports more than two c...

MP18 by Cyber Elite
  • 3067 Views
  • 3 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks