General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Kerberos SSO

Hi community,

I'm trying to setup kerberos sso for captive portal authentication and all my attempts are unsuccessfull. I always redirected to the captive portal web-page. So sso is not working.

All configs was done step-by step by the guide.

Kerberos

...

Is it possible?

Is it possible that the traffic which fall under the rule interzone-default get action ALLOW ?

How it is possible?

Resolved! GlobalProtect User Report with Login and Log-out time

How do I create a custom report that will query all users and list their GlobalProtect VPN login AND logout times?

Create or clone an application

I would LOVE to create an application/AppID for SSh on an alternate port, e.h.10022 rather than 22. I thought cloning the ssh AppID would be the way, but Clone is greyed out and unavailable.

Creating or adding an Application seems straight forward u

...

Filter rules with no log forwarding profile configured

Anybody knows a trick how to filter for rules with no log forwarding profile configured?

(log-setting eq 'Profile-Name') => all rules with Profile-Name

!(log-setting eq 'Profile-Name') => does not work, shows all rules

(log-setting neq 'Profile-Name')

...

Resolved! Deploying Minemeld in AWS using cloud-init

Team, I'm attempting to delpoy a MM instance into AWS and running into issues which appears to stem from rabbitmq. I have a firewall and other Unbuntu instances deployed so I know my network settings are good. When I deploy the MM instance I can vali

...

App-ID Dependencies and Security Rule Order

Which one of the following is the correct way to configure app-id and security rules? (Bonus points for why.)

Enable MS Teams through minemeld

Hi,

When trying to use Minemeld to enable access to Office365 MS Teams brakes. This is because url api.teams.skype.com is not in the url list minemeld pulls. Instelad this url is being categorized as 'internet-communications-and-telephony' by panos

...

Dynamic List for URL Filtering

Hello,

We would like to use the Dynamic list for URL filtering function but we want to pick up the list from an internal web server, the link below says the path with follow the service route for palo udpates but this for us will be out to internet,

...

Playtime

I know that I am not the only one who faces trying to track and minimize the amount of playing on the internet during regular work hours. Is there anyway to track and prove that a user is playing on the internet when they should be working using the

...

VPN users

Hello,

Is it possible to restrict access to servers for a VPN user? (allow one or two servers access in the local network)

Resolved! Stable OS version as of April 2018

Hi,

We have multiple firewalls with different version of O.S.

Could someone give me a summary of recommended version/release per each major OS version?

Like what would be the recommended version for the ff versions: 7.0, 7.1, 8.0?

Thanks!

ACC Report mismatch some during time

Hi all, I found the issue about ACC report mismatch some during the time

Symptom: I try to compare between during time last 24 hour and last 7 days is found mismatch which lasts 24 hours have traffic more than 18 G but last 7 days have traffic 50

...

Resolved! Custom Email alerts based on System logs in Panorama 8.x

I have configured Scheduled configuratio export for Panorama and all firewalls to an SCP server

This is done via Panorama.

Is there any way to schedule an email alert after evry succesful backup of configuration. Or in case of failed export of configu

...

Set up of Firewall and VRRP on routers

Hi People,

I have a network situation wherein I have to configure VRRP in internet facing routers.

What changes do I need to make on firewalls ? How would I configure this design ? Do i need switch on between firewall and routers or can i direct setu

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Kerberos SSO

Is it possible?

Resolved! GlobalProtect User Report with Login and Log-out time

Create or clone an application

Filter rules with no log forwarding profile configured

Resolved! Deploying Minemeld in AWS using cloud-init

App-ID Dependencies and Security Rule Order

Enable MS Teams through minemeld

Dynamic List for URL Filtering

Playtime

VPN users

Resolved! Stable OS version as of April 2018

ACC Report mismatch some during time

Resolved! Custom Email alerts based on System logs in Panorama 8.x

Set up of Firewall and VRRP on routers

IKEV2 w Cert - Wildcard peer for DN does not work.

Transferring assets from one CSP Tenant account to another

Proper "outside" interface configuration

Configuring Palo Firewall into an IDS

A question about ECMP

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Re: SPARE device usage

Re: Upgrade path to 11.2.5 from 11.0.0 on a PA-410

Re: Global Protect application blank screen

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! GlobalProtect User Report with Login and Log-out time

Resolved! Deploying Minemeld in AWS using cloud-init

Resolved! Stable OS version as of April 2018

Resolved! Custom Email alerts based on System logs in Panorama 8.x