General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Error exporting certificate: Failed to prepare certificate 'NAME_OF_CERTIFICATE' for export

Hi,

I generated the certificates on the firewall for Global protect portal and trying to export the file no matter what format, I am getting the error message saying failedto prepare certificate. I am using windown 10 but another user accessing the

...

Panorama log settings wildfire is invalid error on commit failure

Hi

We are using panorama 7.1.11 to commit to a pa-2050 on 6.0.1.

The commit keeps failing both form panorama and firewall.

This is the error in the commit window and I see not such options for a setting like log fwding - profiles!

Appreciate any help

...

Resolved! Can I use PANOS software from a PA-220 on a PA-500?

I have new PA-220 firewalls that are replacing my old PA-500's. The PA-500's have v7.0.5-h2 of the PANOS installed. The Firewall Migration Guide states that I need to update the PANOS on my old firewalls to match the new firewalls at 8.1.0. The PA

...

2 factor authentication and radius on global protect

I see where you can do radius authentication on the global protect client, does that mean you can also do 2 factor authentication?

Resolved! asa to pan migration

i had a migration from asa to pan which failed

curent conectivity is

asa (no change)<>switch (no change)<>asa (to be replaced)

planned connectivity is

asa (no change)<>switch (no change)<>pan (replacing asa)

i reused ips from asa on new pan and cleared a

...

Global protect problem

There is such kind of error when one try to connect to portal

how it can be resolved?

Dynamic Updates only on Active HA Member.

Our active HA member failed last week, and that highlighted that the passive had a couple of minor issues with the Dynamic update configurationa and email configuration which we fixed.

Howevr it's also highlighted another issue.

Our "Content Updates"

...

Resolved! 2 Step RADIUS Auth Reliability

We are trying to get 2FA RADIUS based authentication working with our Palo's and are seeing unreliable results. After much hunting and teeth gnashing we think we may have found the issue, but not the cause.

The below is a debug dump from the RADIUS

...

Resolved! Zscaler and Minemeld

Hello,

I'm using Minemeld 0.9.44 and I would to get 'range' from the URL https://ips.zscaler.net/cenr/json.

After several attempts with JSON prototype, trying to set different extractor, field (indicator set as range).

I'm still not able to get a

...

Destination NAT for mutilple of ports in a single NAT rule

So there will be a range of ports that need to be NATTED, but on the GUI, I can only specify a single port.

Can anyone tell me if this will work if I leave the port empty like below:

set service-group "Veeam Management" members [ "Veeam 2500-2600" "Ve

...

Resolved! Creating a global, URL based whitelist rule

I'm trying to build a global rule for Sophos cloud based services. I've built a list of all the URLs they use, added the URL list to the URL category part of the rule with the applications web-browsing, ssl, sophos-update and sophos-live-protection,

...

Getting started Panorama 8.1

Ok, let just star by saying I am new to Panorama and I think understand the concept but just doesn’t work as expected. So I will just explain the end goal, I currently have an active/passive pa-500 pair that I am switching to two 3220 in an ha pair. ...

Adding MFA to Pre-login GlobalProtect

Global Protect VPN Solution is defined with Pre-login and always-on VPN features.

Workflow:

Once machine is booted and before user login, Machine is authenticated based on certificate and identified in logs with (Pre-login) user
Pre-login access is re

...

Resolved! Asterisk Wildcard Error

When Creating a Custom URL Category, I am entering a wildcard infront of the url *lans.com.au

However when attempting to apply this wildcard, I am getting this error

URLBlock -> list '*lans.com.au' is invalid. Consecutive asterisks (*) in a URL wildc

...

Resolved! Policy Export

Hello,

Is there way to export a policy from a PAN device in a read-able format? We are in the process of cutting over a new PAN internet firewall and all the rules had to be created by hand (from the previous vendor model). I'm looking for the ability

...

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free