General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 193 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 875 Views
  • 0 replies
  • 0 Likes

VPN tunnel to a firewall NOT internet facing

Hi,

 

I have a scenario with two sites which has two sets (HA) of firewalls, external and internal. So external handles everything internet and behind the internal the datacenter resides. Clients are in between.

 

We have MPLS between the sites which ter

...

Filtering the monitoring log fails endlessly

Pretty often seemingly simple monitor filters seem to get our PA devices in an endless loop.

 

For example:

( rule eq management_services ) and !( addr.dst in a.b.c.d ) and ( app eq ms-sms )

 

will never succeed. The fitering start running, shows a couple

...

mvdven by L1 Bithead
  • 4047 Views
  • 5 replies
  • 0 Likes

Resolved! Query MineMeld for a single IP\IoC?

We are looking at various options to build a SOC framework and one of the objectives is to be able to have an internal 'queryable' API that we can use to investigate a single IP\IoC.

 

Is there anyway to make MineMeld work in that manner i.e. so we c

...

apackard by L4 Transporter
  • 3917 Views
  • 2 replies
  • 0 Likes

Importing PA200 configuration to PA220.

We are planning to phase out PA200 firewall with PA220 .

PA200 firewall is running PAN OS 7.1.14.

PA 220 firewall comes preloaded with PAN OS version 8.0.X.

 

My concerns is, Can we directly import the firewall configuration  (device state) from PA200 to

...

Nischal by L2 Linker
  • 5197 Views
  • 2 replies
  • 0 Likes

URL alerting without SSL decryption

Hello all! I've got a question on URL category alerting. I can set up alerting for malware and phishing categories, for example. I get the alerts if the site is HTTP only. I don't seem to get them if it is HTTPS.

 

My question is this... Shouldn't the

...

Active/Active HA tentative state question

Let's say we have 2 firewalls in A/A HA

each firewall has 2 vWire (single interfaces, no aggregration)

eth1/eth2 = vWire 1 and eth3/eth4=vWire2

link monitoring is set such that if any of eth1/eth2 interfaces are down or any of eth3/eth4 are down the fir

...

PerryK by L2 Linker
  • 4064 Views
  • 3 replies
  • 0 Likes

Resolved! Minemeld Mining IPv6 and IPv4 through AWS JSON script

Hi Minemeld Community, 

 

Can I check with the team which existing miner can I use to mine the IPv6 and IPv4 from URL https://ip-ranges.amazonaws.com/ip-ranges.json? Using just 1 miner if is possible.

 

Or how can i customize the miner to mine it. Th

...

dkoh by L2 Linker
  • 4392 Views
  • 1 replies
  • 0 Likes

Monitoring Individual Dataplane CPU's

We are currently experiencing issues in our network environment with dp0 (specifically) being overutilized on the Palo Alto 5050 and 5060's, mainly due to the fact that IPSEC traffic is not offloaded from dp0 to dp1 and/or dp2.

 

We can actively monito

...

Resolved! PA-850 Cluster Went Non Functional

My PA-850 Active/Passive cluster went non-functional last night causing an outage at our main corporate headquarters.  I do have a ticket in with PA but they're being a bit slow to do a root cause on this so figured I'd post and see if anyone has ran

...

850-2.PNG
850-1.PNG

Resolved! Can I use PANOS software from a PA-220 on a PA-500?

I have new PA-220 firewalls that are replacing my old PA-500's.  The PA-500's have v7.0.5-h2 of the PANOS installed.  The Firewall Migration Guide states that I need to update the PANOS on my old firewalls to match the new firewalls at 8.1.0.  The PA

...

infoit by L1 Bithead
  • 3499 Views
  • 5 replies
  • 0 Likes
  • 24009 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels