General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 314 Views
  • 0 replies
  • 2 Likes

Resolved! Adding Virtual Systems (VSYS) to production PA-3020

I have run out of Zones on my PA-3020 and can't justify purchasing a 5020 so I am exploring the addition of VSYS license on the 3020.

What am I going to be getting myself into if I need to go this route and add the VSYS licensing? Will it break my exi

...

Anyone have a good list of Azure IP addresses?

Our developers have websites in the Azure cloud, which make calls in to servers internal to our network. I am trying to keep a limit to what Azure IP addresses I allow access in, but it becomes a game of whack-a-mole each time the IP changes and I ha

...

Limited Role to disable GP

We are using GP in an always on state.  From time to time our users need to disable it to user another VPN or when things just aren't working.

 

I would like to be able to allow our help desk to log in to our firewall and only be able to go to Network

...

URL category determined from browser?

I had a website that was mis-categorized and put in a request to have it recategorized. It changed in the next PAN-DB update within the hour, and I was able to confirm that the site was showing the proper category now. I could see the new category be

...

OpenPhish Feed False Positives 10/07/17 Around 04:00 EDT

We have a URL EDL setup using the OpenPhish miner that comes with Minemeld  (openphish.feed miner) that a deny rule is matching against.  We have never had any issues with it blocking legitimate URL's but a few days ago the deny rule that matches aga

...

jdemery by L1 Bithead
  • 5926 Views
  • 2 replies
  • 0 Likes

Captive portal issue

hi

 

-captive portal is configure for the users 

-on iphone it is working fine 

-for andriod versions i.e it is not poping up the page

-Sign-in to wifi Pop Up is not coming on android 6.0.1, android 5.0, android 4.4.2

-Intermittent connection on mobile app

...

Rameshwar by L3 Networker
  • 4055 Views
  • 10 replies
  • 0 Likes

Resolved! Separating Inbound and Outbound indicators

I created a miner based on Unit42 tag search. I was trying to see how many inbound and outbound indicators it has, so I added two processors (Prototype: stdlib.aggregatorIPv4Inbound & stdlib.aggregatorIPv4Outbound) and connected to output nodes. Some

...

Get newly added Device in sync with Panorama

I have been manging a PA-500 individually for a few months due to it being on Code 5.x and it not being able to be managed by my Panorama 8.x server. So I have finally brought this PA-500 up to code 8.x, runs like an old three legged dog now, but now

...

Disabling BYOD VPN when not conncected.

For security of my personal device, I'd like to verify how to fully disable the BYOD VPN software when I'm not connecting.

 

Also, I'd like to verify how can I be sure I'm running the BYOD version and not some version that has spyware capability?

Resolved! Panorama traffic invisible

PAN(VM) and PA1 management interfaces are both Zone A.

 

PA1 connects to PA2(remote site) on IPSEC tunnel. Traffic from PA2 on PA1 is considered in Zone A and viceversa on PA2 for traffic from PA1. 

 

If i do packet capture on either PA, I can see there

...

raji_toor by L4 Transporter
  • 4030 Views
  • 6 replies
  • 0 Likes

How to block unknown machines from traversing the network

Hi all. My question is how can I create a rule that blocks traffic from a computer I brought from home as opposed to from my work domain? 

 

I want to be able to see people that bring their own devices onto the network and then block access to the netw

...

Roshawn by L2 Linker
  • 5469 Views
  • 10 replies
  • 0 Likes
  • 23658 Posts
  • 107 Subscriptions
Top Liked Authors
Labels