General Topics

🚀 Join us at Palo Alto Networks Headquarters for Ignite - November 14, 2024 🚀

Enterprises are embracing AI to revolutionize their operations, but with innovation comes new cybersecurity challenges. That’s why you can’t miss Ignite on Tour!

This event is your gateway to exploring how AI is transforming cyber defenses. Join us

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

TAXII Feeds not working correctly.

I am having major issues with my TAXII feeds recently. A long running feed stopped working recently with an error "'unicode' object has no attribute 'get'". I have figured out that it only gives this error on any MM instances running on Trusty 14.0.4

...

How to get MineMeld Feed Base URL - HTTP instead of HTTPS

Hello Network,

Is it possible to configure a Minemeld node to have a Feed base URL that is HTTP instead of HTTPS?

Thank you in advance,

Scott

Resolved! MineMeld Speedtest.net host mining

Hi all,

I managed to install MineMeld on-prem and are playing around with it now. As a first task I'd like to setup a domain feed delivering SpeedTest.net hosts from countries we deployed Palo Alto firewalls.

Setting up the miner, a domain aggreg

...

Resolved! Remote shutdown via CLI or through Panorama

Hello all,

I'm tasked with initiating a graceful shutdown of mutiple PA3060 firewalls following UPS-detected mains power loss via a scripted process.

I can login to invididual firewalls using plink but I can't work out how to enter the shutdown comman

...

what means session end reason with tcp-reuse?

Hi All,

i having 1 application claim that their port is stuck on Syn send status and there is possibility causing by palo alto firewall. i did check on the traffic log .. it showing session end with tcp resue. i not sure is that tcp-reuse will causin

...

PA220 running 8.1 GlobalProtect data file version failed to install

Hi,

Got this message on PA220 running 8.1,

Time Severity Subtype Object EventID ID Description
===============================================================================
2018/03/18 02:00:18 high general general 0 GlobalProtect data file version 15

...

Unable SSH to Palo Alto firewall via SSH2

Hi everyone,

Now I can access webui normanly but I can't access to Firewall Palo Alto via SSH2 with the same account. When login with SecureCRT, it appears notification : Password Authentication Failed. On palo alto appears notification : Failed pas

...

Resolved! 5250 HA1 over SFP question

I have a customer who is implementing a pair of 5250 in active/passive. The firewalls are in separate DCs that are connected with fibre. It seems HA2 over the SFP ports is OK but HA1 seems to only work over the 2 AUX ports not any of the data ports.

...

Scheduling support sessions with end-users

I was just wondering if Palo Alto would consider scheduling support sessions with customers via https://www.timetrade.com/ or something similar. This would help to manage time coordinating support sessions.

Thanks,

Resolved! VPN over MetroE

I've been given an L2 handoff from Comcast from our data center to our co-location. I can move switched traffic over the link between the Palos at both sites with no issues. My problem comes when I try to add L3 and a a tunnel to the link. I've set u

...

xauth use on global protect tunnels

how many are using xauth on the global protect tunnels and why ? We are using it because we have users using native clients on PC's and phones (don't want to pay for the mobile license for on)?

Let me know what you think and the pros and cons of usin

...

PaloAlto Networks Discloses Confidential Security Information to Third Parties w/o customer consent

I just was emailed a Palo Alto Networks security report listing information on all of the wildfire submissions from our organization. This email came from a vendor that we had never purchased Palo Alto products from and contained detailed informati

...

Bootstrap the VM-Series Firewall on ESXi

I have an OVA of PA VM-100 series version 8.0.5.

I'm trying to follow the article for "Bootstrap the VM-Series Firewall on ESXi" at:

https://www.paloaltonetworks.com/documentation/71/virtualization/virtualization/bootstrap-the-vm-series-firewall/boots

...

Resolved! How do I block Image search?

Hi

I am fairly new to Palo's and I am trying to figure out how I can block search engine image searches. I know there are currently no real app-ids that cover this and just wondering if anyone has a way to block all image search results on the big s

...

SSH decrypt and not decrypt

Hi.

I have an ERP server on the inside which must be access from supplier via SSH. Trying both using proxy and no decrypt but always getting Aged out in traffic monitor.

I don't have access to the ERP system but I got the routing printed and it look

...

Discussions