General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Minemeld show Error when login "ERROR CHECKING CREDENTIALS: Timeout"

I clone VM Minemeld. Then I change IP & Hostname on Cloned Minemeld VM.

When I login on WEB GUI. It show message: "ERROR CHECKING CREDENTIALS: Timeout"

How I resolved this issue? What log for investigate?

Thank you

BrightCloud URL Filtering Service End-of-Sale Notification - how to change to PANDB?

Hello

On 01.02.2018 was anounced EOL for BrightCloud. How to migrate to PANDB? I have active licence until june 2018. I'd like to migrate right now...

Regards

Slawek

multiple user-ip-mapping sources

I recently configured windows user-id agent and have it in conjunction with agentless user-id.

Can I have both running on the firewall as a redundancy?or should I remove agentless config?will it create any harm if I keep both running?

Resolved! User activity report Query

Hello,

I go to ACC tab -->Onleft side select the time frame --> Network Activity -->User Activity --> Export to PDF

1) User activity report when it is pulled it shows Source User and destination User. What is that destination user means?

2)Under Dest

...

Check GlobalProtect VPN users with PowerShell GUI

I wrote a simple PowerShell GUI script that can check for GlobalProtectVPN users connected currently, or at a past date.

It uses the Rest API to grab the information. Not sure if anyone would find it useful.

Here is the Github link: https://github.com/

...

Resolved! Wildfire Activity?

Hi folks,

We have a Wildfire public cloud subscription, dynamic updates, and security profile configured.

I've been asked, "How do we know it's doing anything?".

When I look at Wildfire submissions, the last submissions are from January and end of las

...

DAGPusher - Questions; API Key? How to specify what Dynamic address group object to apply IPs to?

Regarding DAGPusher Output node.

I don't mean to hit anyone with a firehose but I have several questions I'm having trouble finding the answers to regarding the DAGPusher Output node in MineMeld. It's my understanding this node will allow MineMeld

...

DAGPusher new setup

Hello,

I finished the setup of DAGPusher and DAG in Panorama.

The list of indicators is populated in the MineMeld DAGPusher but my DAG in Panorama is not populated.

In the MineMeld logs I can see following:

2018-02-23T14:18:23 (17217)dag._device_pu

...

Resolved! Custom URL matching on wrong URLs

Hi,

I have a security rule that's supposed to be only allowing traffic for URLs in a custom URL category. However, it appears that it's matching lots of other URLs that aren't in the category. Below are some screenshots. I'm running v8.0.6. Let m

...

Resolved! Verify SSL and SSH Inspection

Hello everybody.

I am using the SSL Inspection over HTTP (HTTPS) service on our office GWs. I know how to set up rule bases and configure my Decryption Profile well. I have read PAN's documentations and watched a tutorial about how to configure a SSL

...

Req POLICY BASE IPSEC Site to site vpn

Req POLICY BASE IPSEC Site to site vpn, if any one have share it .

Multiple Cisco Router IPSec tunnels to single Palo Alto IPSec Tunnel

Dear peers,

I have been fighting an issue for about a month regarding issues running Cisco DMVPN behind a static 1-to-1 NAT address (VeloCloud not a Palo Alto). I am currently still trying to ascertain if this is an issue with the VeloCloud applianc

...

Resolved! URL database schedule

I was going to check the update schedule of URL database but this is no longer there. Although i can see update has happened today. License is still valid. PANOS is 8.7.

url-filtering-version: 20180228.20221

GP user logouts.

trying to find out if there's a list of the various messages and what they mean, particulary with 'globalprotectgateway-logout-succ'. I'm specifically trying to identify what 'Reason: remove previous login' means.

I assume it means the previous sessi

...

Resolved! How to translate IP and port from trust to trust?

My goal is to be able to reroute traffic from internal server 192.168.0.10 port 123 to other internal server 192.168.0.20 port 456

My understanding is that I do not need a u-turn nat rule since we're using internal IP addresses, however so far I've n

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Minemeld show Error when login "ERROR CHECKING CREDENTIALS: Timeout"

BrightCloud URL Filtering Service End-of-Sale Notification - how to change to PANDB?