General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4223 Views
  • 0 replies
  • 0 Likes

8.1.4 CP Normalizing

All of our users who auth over CP are now normalizing as 'domain.com\user' although we need them to be user@domain.com. The authentication profile they go through has the %USERINPUT%@%USERDOMAIN% modifier. Domain is filled in & login attribute is 'userPrincipalName'. All users who are getting mapped through AD instead of CP are showing corre...

Resolved! Minemeld Proxy error

Hi, I've set up Minemeld to use the corporate proxies based on this thread and I'm still getting this error: "ConnectTimeout: HTTPSConnectionPool(host='www.dshield.org', port=443): Max retries exceeded with url: /block.txt (Caused by ConnectTimeoutError(<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7f2bee031f10>,...

otlaP5 by L0 Member
  • 5847 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama Managed collectors - Default and M500 Log collector

We have Panorama M100 in Panorama Mode. They are in HA pair. Also we have 2 M500 as dedicated log collector mode. Under Panorama managed collectors I see default is also checked along with 2 dedicated log collectors. Need to know why default option is checked along with M500?

MP18 by Cyber Elite
  • 3816 Views
  • 6 replies
  • 0 Likes

Resolved! Split tunnel VPN inclusion rule - traffic dropped

Hello Community, I need to allow traffic to come down the VPN tunnel rather than the Split Tunnel. I have added a VPN tunnel inclusion rule on the GlobalProtect Gateways as described in this article: https://www.paloaltonetworks.com/documentation/80/pan-os/newfeaturesguide/globalprotect-features/split-tunnel-to-exclude-by-access-route The logs sho...

000000 by L1 Bithead
  • 2648 Views
  • 2 replies
  • 0 Likes

Use MP SSL Session Cache

When I run the below command:
show system setting ssl-decrypt setting
vsys : vsys1
Forward Proxy Ready : yes
Inbound Proxy Ready : no
Disable ssl : no
Disable ssl-decrypt : no
Notify user : no
Proxy for URL : no
Wait for URL : yes
Block revoked Cert : yes
Cert Status Query Timeout : 5
URL Category Query Timeout : 5
Fwd proxy server cert's rsa key size: 0
Fw...

MP18 by Cyber Elite
  • 3805 Views
  • 2 replies
  • 0 Likes

Resolved! Unable to export certificates EXCEPT via IE11

Two PA3020s in an active/passive HA pair. PanOS 7.1.14. Tested with Google Chrome and Firefox on Linux. Tested with Google Chrome and Firefox on Windows 7. When trying to export a certificate from Device tab --> Certificate Management --> Certificates, no matter which export format I choose, nor which certificate I choose, nothing happens. Br...

fjwcash by L4 Transporter
  • 4790 Views
  • 3 replies
  • 0 Likes

Resolved! Moving between device groups

I am looking to move my firewalls from one Panorama (7.0.3) device group to a new device group. All active policy rules have been cloned over to the new device group from the existing device group, and the objects are all "shared". Even though all the rules being installed are the same, and being installed on the same set of firewalls, just ...

Resolved! show system setting ssl-decrypt certificate -----No inbound cert

show system setting ssl-decrypt certificate
Certificates for Global
SSL Decryption CERT
global trusted
ssl-decryption x509 certificate
version 2
cert algorithm 4
valid 171204224608Z -- 221204225608Z
cert pki 1
subject: NGFW-2
issuer: Root CA 2
serial number(19)
4f 00 00 00 2b e2 bd d9 f7 cb fa 0b 9a 00 01 00 O...+... ........
00 00 2b ..+
rsa key size 2048 b...

MP18 by Cyber Elite
  • 3279 Views
  • 2 replies
  • 0 Likes

Resolved! Cannot retrieve indicators from FS-ISAC feed

I recently created a feed over at FS-ISAC for my organization, and I'm able to connect successfully from within MineMeld, however I am not receiving any indicators. My initial_interval is set to 30d and when I test using 'taxii-poll' from the shell I'm able to retrieve indicators that way, so I know the feed I'm publishing is working, but MineM...

benime by L1 Bithead
  • 6234 Views
  • 2 replies
  • 0 Likes

Resolved! SSL forward trust option

Hi, We have a certificate generated by RapidSSL as CA, but we can NOT set this certificate as a forward trust certificate to use in Decryption SSL, the option shows disabled. Roots is in the list "default trusted certificate authorities". Why the option is disabled???

BigPalo by L4 Transporter
  • 9127 Views
  • 9 replies
  • 0 Likes

Resolved! JSON Parsing - ProofPoint

Has anyone been able to get ProofPoint TAP logs into MineMeld? I think the issue I'm having is with my JSON configuration. Here's what I have so far but it's not pulling any indicators. I've tested my query on http://jmespath.org/ with successful results. The field I'm trying to extract is the URL in the threat field - badsite.zz in the examp...

jt1025 by L2 Linker
  • 15211 Views
  • 14 replies
  • 0 Likes

QUIC deny vs drop

Just curious. The recommended QUIC rules set the action to 'deny', but the first rule is for service udp 80/443 any application. Is there a reason this is a 'deny' and not a 'drop'? Reference: HOW TO BLOCK QUIC PROTOCOL https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClarCAC What a difference a Deny makes https://live.paloa...

mike406 by L2 Linker
  • 3477 Views
  • 1 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions