General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

MineMeld not loading after installation

After succesfol installation of MineMeld in a Debian9, by using this article: https://github.com/PaloAltoNetworks/minemeld-ansible

When accessing to HTTPS://IP_Address it stays forever loading (showing the loading "M"). I can't see any error in the

...

Virus/spware download blocked but no threat logs

Hi

When users are accessing internal portal then they are getting "Virus/spware download blocked" on browser with file name (althrough they are not accessing this file) but there is no virus/spyware logs in threat monitor tab.

Any pointers how to fi

...

nbar

Hi,

What is the NBAR equivalents in pa- qos or how does it works in PA

Thanks

Resolved! After Factory Reset Cannot connect to management server

Hi,

after i make a Factory Reset via Maintenance Mode with this HowTo -> https://live.paloaltonetworks.com/t5/Management-Articles/How-to-SSH-into-Maintenance-Mode/ta-p/59635 i cant connect via "www" to the management.

My new IP is default 192.168.1.1

...

Resolved! Two-factor token based (2FA) authentication mechanism for administrative access

Is there a way to configure MFA and OTP for administrative access. The company wants to comply with new standards and i didn't see way do it for local access. It is only mentioned how to do it for global protect vpn users.

IP Wildcard in custom report?

I have a custom report, I need to exclude 40 Instances of

192.168.x.100 to dest port (1234 or 1235)

is there a short way to do this or am I faced with 40 repeating lines like this....

( addr.src notin 192.168.10.100 and ((port.dst neq 1234) or (port.

...

Log forward without internal logging?

Should it be possible to LOG forward without having internal logging?

Some stuff I need to be able to deal with on the firewall, but others I just want recorded long term.

Seems to be no option to do it.

what NAT and Network config

Hi,

I have a router from my carrier. This gives me an internal IP 10.0.9.3 /16 from my internal Network 10.0.0.0/16 network and the GW IP he gave me is 10.0.30.99.

Now he makes natting so i could get internet access and there i have a static official i

...

Resolved! Global protect domain based local breakout

Hi,

I have a question regarding Global protect and partial split tunnelling.

Does GP have an option to only allow specific domains via local breakout, all other traffic should be forwarded into the tunnel.

I'm asking this question regarding 0365, all

...

Skype for Business not work if use SSL Decrypt

Hi,

Is it possible to exclude Skype for Business application from SSL Decrypt?

Custom No decrypt URL category is not an option because new clients with on-premises Skype instances coming constantly.

br

Toni

How do you disable Layer 7 inspection?

If I wanted no layer 7 inspection for a particular IP at a certain port - how can I do that without Application override? Thank you.

Any special instructions to move A/A firewalls from 7.1.x to 8.0.6 via Panorama?

Greetings all,

Title pretty much says it all but we're wanting to move to 8.0.6 since it is a Palo Alto support recommended version. We're currently running 7.1.4 I believe with both of our active/active firewalls. Panorama is already on the 8.0.x

...

Rob

General Topics

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

MineMeld not loading after installation

Virus/spware download blocked but no threat logs

nbar

Resolved! After Factory Reset Cannot connect to management server

Resolved! Two-factor token based (2FA) authentication mechanism for administrative access

IP Wildcard in custom report?

Log forward without internal logging?

what NAT and Network config

Resolved! Global protect domain based local breakout

Skype for Business not work if use SSL Decrypt

How do you disable Layer 7 inspection?

Any special instructions to move A/A firewalls from 7.1.x to 8.0.6 via Panorama?

Panorama scheduled config-export failure with 20 character SCP password.

How to Block weak ciphers?

Mixing App-ID and Service

GlobalProtect SAML Authentication Complete

how to generate an AWS Redis Auth code ?

How to validate Redis connection from vm-series on AWS ?

global counter tcp_case_2

IKEV2 w Cert - Wildcard peer for DN does not work.

Re: GlobalProtect 6.3.3

Re: GlobalProtect 6.3.3

Re: Support PAN-OS Software Release Guidance

Re: MFA external provider question

Re: GlobalProtect 6.3.3

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! After Factory Reset Cannot connect to management server

Resolved! Two-factor token based (2FA) authentication mechanism for administrative access

Resolved! Global protect domain based local breakout