General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! GlobalProtect stopped to work after appliance reboot

The GlobalProtect Portal/Gateway had been working perfectly until tonight I have restarted the Palo Alto appliance.After - I was not able to connect. The portal page - ERR_CONNECTION_TIMED_OUT. I tryied to load older configs, I have even reinstalled the software version (8.0.13). No luck. I the Session Browser I do not see anything that looks li...

Resolved! PA-220 - bidirectional NAT - how to get a Nintendo Switch to work online

Greetings, I am trying to create the NAT IP only rule as outlined here.https://www.ericooi.com/palo-alto-firewall-home-network/ I have a single External WAN interface Etherenet 1/1. I am wondering how the referenced NAT SOURCE Translation interface (Object/Physical/Other???) is created to configure the Source Translation?I am only able to add '...

catrock by L2 Linker
  • 12685 Views
  • 4 replies
  • 0 Likes

Resolved! About Threat and Wildfire submission

Hi all and specialist engineer, I would like to know sometimes I'm doubt about monitor wildfire submission and threat which wildfire is shown in a monitor (ref: wildfire portal ) but why threat does not show even though same both a file name and type malware.

Resolved! IPSec P2P VPN Tunnel not working

Hi,I am trying to terminate on PaloAlto VM-100 (8.0.13) an IPsec tunnel.It seems that the other side is not able to connect at all. We have checke all IKE settings and they seem OK.I am using a Loopback interface with an external IP address (exactly as I am using for the GlobalProtect VPN which is working fine).Do I have to create any NAT rules ...

Where is app-id for https?

I am trying to fulfill a request by my security team to enable app id on our palo alto rule base & I cannot find the app id for https. There is also a machine inside our envirionment that needs to be accessed over tcp 444 using https:// so I assume enabling app id won't break communication to this machine as long as I specify port 444 in th...

VM-100 serie firewall in AH mode on vmware Hyper-Converged VxRail.

Hello Team, I am going to deployed the VM-100 serie firewall in AH mode on vmware Hyper-Converged VxRail ( with esxi).The VM-100 series will bee used to protect the servers deployed on the VxRail.What are the requirements needed for the deployement of the WM-100 on the vmware Hyper-Converged VxRail ?cans somone please sugested a senario of ...

TaxiiDataFeed - Aging out of Feed

Hi Guys, using as prototype the "stdlib.taxiiDataFeed" I've exposed through Minemeld a TAXII Feed. Now i've observed that this prototype is the only that can't be aged out, in fact the IoCs collected from the sources comes in addition to those already present in the Feed. Is there a functionality to enable the aging out of the Output (stdlib.ta...

rafy92 by L1 Bithead
  • 14373 Views
  • 7 replies
  • 0 Likes

recommendation when putting the Palo Alto in a vwire mode.

Folks,we have a switch to switch routing protocol running and the requirement is to put a palo alto in a vwire mode on such an environent. Please see the file attached with tis post. Now, the catch to this is the "switch-out" forms neighbours with "switch-01" and "switch-02" and packets going inside one link could come out of the other. I just w...

PA Live Community.jpg
nson2139 by L3 Networker
  • 7718 Views
  • 8 replies
  • 0 Likes

minemeld and feeding info via CEF into ArcSight

Can you select formatting or would I need to create a wrapper that manipulates the data pushed by minemeld to forward in CEF? Glad an opensource community on this exist for this. Additionally I need an rpm based package or just a way to compile from source I am using CentOS any thoughts or is there a source package for this

SHA256 and MD5 hash information not sent with CEF Output

Hi Team, I am seeing strange behaviour the Minemeld instance onsite is seeing Hash values that have been generated from Autofocus custom query using AF+MM instance. Setup: AF+MM - 1 Miner --> 1 x MD5 / 1 x SHA256 Processors --> 1 x Output MD5 / 1 x Output SHA256 On-Prem - 1 x Miner MD5 / 1 x Miner SHA256 --> 1 x Output MD5 /...

gbaruch by L1 Bithead
  • 5165 Views
  • 1 replies
  • 0 Likes
  • 24394 Posts
  • 123 Subscriptions
Top Solution Authors
Labels