General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 274 Views
  • 0 replies
  • 1 Likes

URL category determined from browser?

I had a website that was mis-categorized and put in a request to have it recategorized. It changed in the next PAN-DB update within the hour, and I was able to confirm that the site was showing the proper category now. I could see the new category be

...

OpenPhish Feed False Positives 10/07/17 Around 04:00 EDT

We have a URL EDL setup using the OpenPhish miner that comes with Minemeld  (openphish.feed miner) that a deny rule is matching against.  We have never had any issues with it blocking legitimate URL's but a few days ago the deny rule that matches aga

...

jdemery by L1 Bithead
  • 5909 Views
  • 2 replies
  • 0 Likes

Captive portal issue

hi

 

-captive portal is configure for the users 

-on iphone it is working fine 

-for andriod versions i.e it is not poping up the page

-Sign-in to wifi Pop Up is not coming on android 6.0.1, android 5.0, android 4.4.2

-Intermittent connection on mobile app

...

Rameshwar by L3 Networker
  • 4043 Views
  • 10 replies
  • 0 Likes

Resolved! Separating Inbound and Outbound indicators

I created a miner based on Unit42 tag search. I was trying to see how many inbound and outbound indicators it has, so I added two processors (Prototype: stdlib.aggregatorIPv4Inbound & stdlib.aggregatorIPv4Outbound) and connected to output nodes. Some

...

Get newly added Device in sync with Panorama

I have been manging a PA-500 individually for a few months due to it being on Code 5.x and it not being able to be managed by my Panorama 8.x server. So I have finally brought this PA-500 up to code 8.x, runs like an old three legged dog now, but now

...

Disabling BYOD VPN when not conncected.

For security of my personal device, I'd like to verify how to fully disable the BYOD VPN software when I'm not connecting.

 

Also, I'd like to verify how can I be sure I'm running the BYOD version and not some version that has spyware capability?

Resolved! Panorama traffic invisible

PAN(VM) and PA1 management interfaces are both Zone A.

 

PA1 connects to PA2(remote site) on IPSEC tunnel. Traffic from PA2 on PA1 is considered in Zone A and viceversa on PA2 for traffic from PA1. 

 

If i do packet capture on either PA, I can see there

...

raji_toor by L4 Transporter
  • 4017 Views
  • 6 replies
  • 0 Likes

How to block unknown machines from traversing the network

Hi all. My question is how can I create a rule that blocks traffic from a computer I brought from home as opposed to from my work domain? 

 

I want to be able to see people that bring their own devices onto the network and then block access to the netw

...

Roshawn by L2 Linker
  • 5419 Views
  • 10 replies
  • 0 Likes

Resolved! Syslog miner indicator

Hi, i'm trying creating a indicator for SLW injections events , extract src_ip and insert into 

 

Down below the code attached to the syslogminer class stdlib.syslogMiner , unfortunaltely validate process reports errors with the only suggestions "Con

...

Is it possible to monitor PBF rule status via SNMP?

Hi-

 

Is there a way I can get our PA-220 to alert our SNMP monitoring system when a Policy Based Forwarding rule fails/activates?

 

I've set up SNMP on the firewall, added a device entry in our PRTG monitoring system, and set PRTG to automatically detec

...

IPSEC Tunnel messages and failure

On Weelkend, one of our tunnels was down for about an hour. I was checking system logs and found these messages repeatedly for that tunnel, even after it is up. Anybody knows what this means and what to look for in logs to find the cause of tunnel fa

...

raji_toor by L4 Transporter
  • 7572 Views
  • 7 replies
  • 0 Likes
  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels