UPDATE 11/8/23 11:43 a.m. EST:
LIVEcommunity’s System Update will be delayed. This means your use of LIVEcommunity will not be impacted this week (11/8-9), and you can proceed with business as usual.
Thank you again for your patience and stay tuned
...
We are excited to announce a new Engineering Blogs section on LIVEcommunity, exclusively curated by Palo Alto Networks engineers!
This dedicated area will be home to technical posts about Palo Alto Networks innovations to build scalable and reliabl
...
Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
Hello All,
As the title states, I am new to Palo Alto training and the Community. I have started the lab Firewall 7.1: Install, Configure, and Manage (EDU-101) and downloaded the lab guide. I would like to login to a device as it states on step 3:
"3
...
Hi,
I have two zone (trust and trust),
for trust to untrust traffic flow and untrust to trust , do I need to create two security rules ?
Thanks
Hi,
Users complain about the office365 outlook connectivity ,slow submission of email . From PA prespecive what need to be verified and make sure there is nothing from the PA side .
Thanks
Suppose I wanted to create object group "blob" with 10.10.10.5 .6 .7 8. .9 - and I'm working in the PAN GUI
- is there a way to paste those five addresses into the address group? It seems like my only option is to click
Add (obj group) Add (address) an
...
Why Palo is not sinkholing DNS queries to the kill switch URLs? Currently if I run a DNS lookup request for the kill switch URL, it come back with the valid DNS response. shouldn't this be sinkholed?
When the guy "accidentally" found the kill switch,
...
Hello.
There is a question about OSPF adjacency flapping caused by minor changes in OSPF process.
I planned data-center deployment of PA-5060 HA-cluster. In this plan PA-5060 needs to be attached to OSPF AREA 0, and multiple NSSA areas in different s
...
Saw this notice on the dshield page the other day that they will be blocking generic pulls from agents if they don't have contact info in the script. Still learning about minemeld but know dshield is one of the default miners and was just wondering
...
Hello,
I have a dev and prod instance of MM. Noticed both dev and prod behaving the same way, where many indicators were not showing up in output feed for AWS miners. Config on both is the following:
nodes: aws_route53_miner: inputs: [] ...
What is the difference between pre rules and post rules ? None of my colleagues could answer this question upto my satisfaction.Can I expect expert comments ?
In our environment, there is a PA between Minemeld and the Internet, so PA access control.
Would you please tell me the subject URL and port number ?
(A specific external feed becomes O365 is https://paloaltonetworks.box.com/s/gndwe5rzheg1ekwplxb4m
...
Hello Community members,
For those who are using 7000 series chassis, how many NPCs are installed in the chassis? Are all of the NPC have interfaces connected to the up/down stream routers/switches? What kind of latency are you experiening when th
...
Hi,
After egress max set in the following order ,
If 100 Mb is the internet speed and through the trust link (1 GB) traffic is going other than untrust ( internet zone ) ,
the below configuration is ok ? .
class 1 10
class 2 10
class 3 10
class 4 4
...
Hi
Newbie to PA.
I want to create a address group dynamic (think that might be best. made up from a group of network addresses in each DC.
So for example if I have 3 DC
dc1 - 10.1.0.0/16
dc2 - 10.2.0.0/16
dc3 - 10.3.0.0/16
I could tag them with "dc_ne
...
IKE is failing to negoriate phase 1. I get this timeout and then a delete. Any thoughts on the possible cause? I'm thinking
the peer is perhaps not permitting the traffic from this device perhaps at a security device in front of their tunneling firew
...
In our environment we use tags on individual IP addresses for a few different things and then have policies in place to take those actions based on those tags.
Sometimes we have requests come in with a lot of indivudla IP addresses that we have to ad
...
Raido_Rattameis
aleksandar.asta
TomYoung
on:
PA OS upgrade issue and question
aleksandar.asta
