This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

Resolved! show system setting ssl-decrypt certificate -----No inbound cert

show system setting ssl-decrypt certificate Certificates for GlobalSSL Decryption CERTglobal trustedssl-decryption x509 certificateversion 2cert algorithm 4valid 171204224608Z -- 221204225608Zcert pki 1subject: NGFW-2issuer: Root CA 2serial number(19)4f 00 00 00 2b e2 bd d9 f7 cb fa 0b 9a 00 01 00 O...+... ........00 00 2b ..+rsa key size 2048 b...

MP18 by Cyber Elite
  • 3242 Views
  • 2 replies
  • 0 Likes

Resolved! Cannot retrieve indicators from FS-ISAC feed

I recently created a feed over at FS-ISAC for my organization, and I'm able to connect successfully from within MineMeld, however I am not receiving any indicators. My initial_interval is set to 30d and when I test using 'taxii-poll' from the shell I'm able to retrieve indicators that way, so I know the feed I'm publishing is working, but MineM...

benime by L1 Bithead
  • 6201 Views
  • 2 replies
  • 0 Likes

Resolved! SSL forward trust option

Hi, We have a certificate generated by RapidSSL as CA. but we can NOT set this certificate as a forward trust certificate to use in Decyption SSL, the option shows disable. Roots is in the list "default trsuted certificate authorities". Why the option is disbled???

1.JPG
BigPalo by L4 Transporter
  • 8964 Views
  • 9 replies
  • 0 Likes

Resolved! JSON Parsing - ProofPoint

Has anyone been able to get ProofPoint TAP logs into MineMeld? I think the issue I'm having is with my JSON configuration. Here's what I have so far but it's not pulling any indicators. I've tested my query on http://jmespath.org/ with sucessful results. The field I'm trying to extract is the URL in the threat field - badsite.zz in the examp...

json.JPG
jt1025 by L2 Linker
  • 14986 Views
  • 14 replies
  • 0 Likes

QUIC deny vs drop

Just curious. The recommended QUIC rules set the action to 'deny', but the first rule is for service udp 80/443 any application. Is there a reason this is a 'deny' and not a 'drop'? ReferenceHOW TO BLOCK QUIC PROTOCOLhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClarCAC What a difference a Deny makeshttps://live.paloa...

mike406 by L2 Linker
  • 3436 Views
  • 1 replies
  • 0 Likes

Resolved! Custom App signature and App pushed from PA update

What if we create creates a custom application containing Layer 7 signatures.And after few days the PA send the Latest APP and Threat updates and we download those in the PAWhat will happen if the update contains an application that matches the same traffic signatures as the custom application? or which thing is hit first custom app or applica...

MP18 by Cyber Elite
  • 3410 Views
  • 2 replies
  • 0 Likes

Block VPN access for lost iphone/ipad

Hi, I followed the document on how to create VPN for IOS devices with certificates, and I got it working.I was wondering how I can deny a device VPN access for a device which is lost or stolen. Deleting the certificate Client ID certificate on the PaloAlto Box does not help. The device can still connect.The user can change his password but I wou...

LocalDB Node Bulk Uploads

Is it possible to bulk upload to the LocalDB Nodes? The input UI appears to only accept a single indicator per line, and doesn't do any validation of the information being input.

Indicator Loader.JPG

Resolved! GlobalProtect stopped to work after appliance reboot

The GlobalProtect Portal/Gateway had been working perfectly until tonight I have restarted the Palo Alto appliance.After - I was not able to connect. The portal page - ERR_CONNECTION_TIMED_OUT. I tryied to load older configs, I have even reinstalled the software version (8.0.13). No luck. I the Session Browser I do not see anything that looks li...

Resolved! PA-220 - bidirectional NAT - how to get a Nintendo Switch to work online

Greetings, I am trying to create the NAT IP only rule as outlined here.https://www.ericooi.com/palo-alto-firewall-home-network/ I have a single External WAN interface Etherenet 1/1. I am wondering how the referenced NAT SOURCE Translation interface (Object/Physical/Other???) is created to configure the Source Translation?I am only able to add '...

catrock by L2 Linker
  • 12206 Views
  • 4 replies
  • 0 Likes

Resolved! About Threat and Wildfire submission

Hi all and specialist engineer, I would like to know sometimes I'm doubt about monitor wildfire submission and threat which wildfire is shown in a monitor (ref: wildfire portal ) but why threat does not show even though same both a file name and type malware.

Resolved! IPSec P2P VPN Tunnel not working

Hi,I am trying to terminate on PaloAlto VM-100 (8.0.13) an IPsec tunnel.It seems that the other side is not able to connect at all. We have checke all IKE settings and they seem OK.I am using a Loopback interface with an external IP address (exactly as I am using for the GlobalProtect VPN which is working fine).Do I have to create any NAT rules ...

Where is app-id for https?

I am trying to fulfill a request by my security team to enable app id on our palo alto rule base & I cannot find the app id for https. There is also a machine inside our envirionment that needs to be accessed over tcp 444 using https:// so I assume enabling app id won't break communication to this machine as long as I specify port 444 in th...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks