General Topics

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

PBF and cisco vpn client

Hi everyone

i have two ISPsinterfaces connected to my palo alto

i need to make a pbf forcisco vpn client app traffic to cross through the second isp

in the pbf section in policies , i set the application to cisco vpn and ipsec-udb and IKE and set t

...

Resolved! Redistribute Global protect mappings to another FW

Hi,

We can not identify GP users in a remote FW. We can see all AD mappings but not GP. I explain the scenario:

INTERNET ---------------> FW Central (gateway GP) -----> MPLS --------------> Remote FW PALO ALTO

both PA are integrated with LDAP, but n

...

Minemeld: Custom IP list, miner etc for EDL.

I apologize if this has been answered in previous posts, I've tried searching and it seems that I'm getting bit and pieces but not the whole picture.

How would I go about creating my own list of IPs and then customizing Minemeld to mine \ gather

...

Understanding Panorama Log Ingenstion & Sizing

I am new to PA & I'm trying to understand the necessity of log collection to a Panorama VM. My company is about to deploy PA-3220's in HA pairs in several data centers. We have a single Panorama VM getting deployed for 6 firewalls (3 HA clusters).

...

QOS for multiple user addresses

Hi

i need to create a qos policy to limit downloads and uploads of user addresses objects created on palo alto device

i know that i will ceate a qos profile for down and up , choose a class , priority and type guaranteed and max BW

then create a qos

...

Resolved! netflow behavior

Is the session is long live ( some applications like nfs,panorama) will start and last till 1 month.

As we have configured log at session end, the log entry will be created once the session is ended.

However we have configured netflow as well.

Netflow i

...

block geo location IP version 6

Is palo Alto supporting Geo location blocking for IP version 6?

Resolved! Help understand TAP mode

Hello,

sorry for a dumb question but I am new to PaloAlto and I would like to understand the TAP mode on a physical PA firewall. We have Cisco Catalyst 6509 switch running in 1 of the offices as a core. PA firewall is used for users' internet traffic

...

Panorama PAN-OS 8.0.8 and always highlighted (Green) Commit button

I have recently upgraded Panorama from 7.1.x to 8.0.8. Although there are no changes and all firewalls are "in sync" for the configuration, the Panorama "Commit" button is Green/Highlighted. Is there anyone using Panorama with 8.0.x and seeing the sa

...

Resolved! PAN-89471 userid causes firewall to reboot ?

I am considering upgrading from 8.0.x to 8.1.x, but this issue seems like it might be a show stopper.

In 8.1.x known issue PAN-89471

"Firewalls reboot because the userid process restarts too often due to a socket binding failure that causes a memory

...

Palo Alto firewall generates SSL version / cipher suites errors

Hi, i have a very strange issue. I have a webserver protected by a palo alto NGFW, if i disable inbound ssl inspection policies everything works fine and i can access the server as intended.

However when i enable the inbound ssl inspection policy, w

...

USER-ID - Windows Server 2016 - Event Log Viever permission issue

I cannot read AD logs on Windows Server 2016 with the event viewer read group access. Is there anything special that needs to be on Windows 2016 Domain?

Thanks

Dynamic Update from Panorama doesn't work

I want to use Panorama to perform dynamic updates for the "Antivirus" and "Applications and Threat" sections.

On remote firewalls, I configured Panorama as the update server.
I also scheduled the automatic update via a template.

In Panorama, I have the

...

Resolved! Rule allowed but policy-deny?

Hi, We have something strange in our firewall. We have a client/computer with Sonos software and the software need to update. When we click update in the software we get a message that something is wrong. So I checked our firewall and in the monitor ...

DNS Format That sent to Arcsight it contain www?

Malicious domain names some of them contain www before domain name like www.xyz.com.

so if there is any solution to define that as domain name only like (xyz.com) to use it in correlation rules.