This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Resolved! Minemeld List or Miner for a static list of IPs/URLs

Creating this post based on another thread. In a previous post's comment section, @spssspss asked "Is it possible to create a white list from an IPs address file?" and Luigi requested a new post be created for this functionality.. Can a list of IPs or URLs be hosted on MineMeld without the content actually being pulled from an external source...

Resolved! Can't update a PA-200 manually

Hello i have an PA-200 running with PanOS 8.0.3 that got no support. Before i could do an update of PanOS manually without Support License. Now i wanted to do an manual update to 8.0.6 but it didn't work. I only get a message that the device got no support.When i upload the new Software Version, i can't see it on the device (Gui or CLI). I can s...

s.debus by L1 Bithead
  • 4060 Views
  • 2 replies
  • 0 Likes

Need to enable Multicast on Site to site IPsec Tunnel

I am working for a product based company, Our Company products will work on Multicasting. usually most of our clients are using Cisco and Juniper equipment . Recently we got a new client and where they want to deploy Palo alto firewalls on multiple sites. We need to implement the multicast on Site to site tunnel. I have gone through PA Configura...

suppind1 by L0 Member
  • 3831 Views
  • 2 replies
  • 0 Likes

External Dynamic Lists not working

Hi all, I have configured EDL of type Dynamic URL Lists with the next configuration Then in URL filtering profile the ransomwaretracker_URL category is configured as BLOCK and the Profile is applied in the Security rule. It seems configured correctly, I can list the EDL in CLI, but if I try to go to listed URL, it does not blocked. PAN is worki...

EDL.png
COMIP by L2 Linker
  • 19835 Views
  • 16 replies
  • 0 Likes

Resolved! credential tab missing in user id agent 8.0.5-7

I'm unable to find credintial tab in user id agent. I have downloaded these files UaInstall-8.0.5-7 & UaCredInstall64-8.0.5-7 and installed, both service are also running.Any one faced this issue? or please let me know how to troubleshoot this issue. Teachnical detailsInstalled on windows server 2012 r2DC type is Readonly Service account is ...

1.png
2.png
3.png
4.png

Inbound Decryption Advice to overcome Decrypt error

I am asking for help to get SSL Inbound decryption working. I have read all the posts and tried everything I can think of but I keep getting the decrypt error status so I may have a basic misunderstanding. If someone has an insight into what I am doing wrong after reading the information below I would be grateful to receive it.The web server is ...

ClientHello.jpg
ServerHello.jpg
ChangeCipher.png

Resolved! DHCPv6 client support?

Is there an option to have the PA act as DHCPv6 client (DHCPv4 client on an interface is obviously supported)?I get a /56 prefix from my provider and my DSL router offers me the option to assign a /64 prefix via DHCPv6 (IA_PD), but I cannot find an option to make the PA use it (the PA is configured in Layer3 Mode and sits between DSL router and ...

ctr_ts by L1 Bithead
  • 5903 Views
  • 2 replies
  • 0 Likes

Minemeld PA syslog processing

Hi, I installed Minemeld. I'm now trying to mine the PA traffic logs via syslog. It seems that the processing works but no indicators are extracted? The PA is running 7.1.13 and sending the syslog messages on TCP port 13514 to the Minemeld server.I already looked into the /var/log/rsyslog.log file but I do not see any messages. How can I troub...

image.png
jorisVD by L1 Bithead
  • 3334 Views
  • 1 replies
  • 0 Likes

Decent IPv6 miner

Hello all, We use MineMeld with our PA firewalls at work, so I thought I'd try it at home as well, and it was easy to integrate with my OpenBSD PF firewall. Lots of high-quality IPv4 address and subnets to block! However, I also run IPv6 at home and would like to import a decent feed. I already use unbound to blackhole everything in the SomeoneW...

Resolved! DAGPusher - Add device - Is vsys supported?

In a Dagpusher output, I see the VSYS as a column, but when adding device there is no input field for VSYS. I checked the code on GitHub for the file at: minemeld-webui/src/app/nodedetail/dagpusher.controller.ts Seems like maybe the VSYS is not fully implemented as part of add device. Can anyone confirm whether we can mention VSYS ...

Planned Cloud Services - GlobalProtect Cloud Service Maintenance Notice

Dear valued Palo Alto Networks customer, Please be advised that we have a planned service maintenance for the Cloud Services- GlobalProtect Cloud Service infrastructure scheduled from 12/21/2017 6pm PST to 12/23/2017 6pm PST. We expect the service to continue without disruption and you can continue business as normal. However, if you experien...

PA 3050 Logged in user web filtering

Hi , ive got a 2 PA 3050's running well , however sometimes they seem to fail to detect the user thats currently logged in and then it follows the sert rules to allow then a "Student-level" web filtering rules whereby shopping , and social media etc are blocked , is there some sort of browser addon that i can install on Chrome to ensure the 305...

VICO88 by L0 Member
  • 2124 Views
  • 1 replies
  • 0 Likes

How PAN firewall deals with deceptive or invalid URL ?

Users in my organization received spam email with embeded link URL like http://いい中古車.com When I check URL category in PA test URL website it says "http://いい中古車.com" is not a valid URL. What are the option to block this other than adding it in Block list under URL filtering profile ?

Fail over with SRV records

I know this isn't really a question for PaloAlto but I was hoping I might get some insight from the community.We are looking at acquiring a second circuit from a different ISP for a backup failover, not load balancing. I have been studying SRV records for prioritizing which circuits IP addresses remote users should use. It appears that SRV recor...

Bvance by L2 Linker
  • 2638 Views
  • 1 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks