General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Global VPN

Hi All,

Since IOS devices has issue in global vpn due to which it cannot access the DNS define in gateway when splittunneling is enabled.Due to which user cannot access certain URL so we added them in DNS suffiex , but if we want to define the domain

...

Migrating Site to Site VPNs to IKEv2 & Suite B Crypto

Dears,

I have multiple site to site VPN between my branches and most of them are terminated on PAN3020 and PAN-820.

I want to upgrade them all to IKEv2 and Suite B Cryptography.

What is the recommended IKE and IPSEC proposals when moving to IKEv2 and

...

Resolved! Critical License Expiration

Hi! I have a PA-VM 300, and I've got the error message "Critical License Expiration" warning.

I can't seem to ping my fw interface from a directly connected host, though I have my MGT profile configured to allow ping to my internal interface.

I have r

...

Need assistance with Certs and Firewall

I has been years since I have done anything with Microsoft CA so I am really struggling.

Here is the problem:

When enabling URL filtering and I am blocking a certain site that has HTTP and HTTPS, the HTTP page will present the block page, but the HT

...

Resolved! Certificate expired

Hello,

Received following message/alert.

Warnings

Certificate PA Net Root CA in shared expired on Jun 3 23:26:00 2016 GMT
Certificate GlobalProtect in shared expired on Jul 27 02:34:06 2016 GMT

Do we need to action any renewal? If so, kindly show the ste

...

Panorama slowly driving me insane.

I'm wondering if anyone can explain this to me.

I've recently started working with Panorama. When I import devices I follow this process:

Add device, and input the serial number of the device and commit.
Wait for it to connect.
Import device configurat

...

Panorama Certificate question

In pamorama I created a default template with basic configuration settings for all firewalls and then create a site specific template and put them both in a template stack to apply the stack to each firewall. This way the default settings apply to al

...

rules to allow webinars while blocking http-audio and http-video

We block most http-audio/video in our enterprise but we allow access to webcasts/webinars. We have had to resort to create a "webinar" rule allowing http-audio and video, rtmp, rtmpe, gotowebinar, and more... with specific IP ranges. Because these ch

...

Resolved! Redundant circuit fail over capabilities

This is a general question about PAN capabilities.

We are looking at acquiring a second, slower circuit for internet access backup. We would like this to be an automated fail over. I am trying to see if our PA 3050's are capable of this and am lookin

...

SIP - services only, does ALG apply?

I am troubleshooting Cisco phone registration issues through a 3020 running 7.1.7 . My rulesets are only service based (TCP/UDP 5060, 5061, etc) and allow any application. Cisco TAC is telling me that ALG issues are interfering with registration.

...

Palo Alto ping response is slow from Cisco

A directly connected Cisco 4500 Switch Ping's to different office goes through the PA cause nearly 700-1000msec, whereas PA pinging the Server to same site has only 20msec. I understand the Ping ( and Extended ping with TOS 184) is not the exact way

...

Resolved! Incorrect User-ID

Hello,

We are using User-ID Agent.

A number of Source Users are reported as “sophosupdate”. It is not picking up the correct user.

The expected behaviour would be for the end user name (example of m.hayes in the list below).

How to correct this?

Thank

...

How can I create a report that shows my ISP outages in a given month?

The information I'm trying to see is how often one of my ISP's goes down in a given week/month.

I have dual ISP's so I use PBF rules to failover. I currently have a system log setting to email me when a PBF rule is triggered (subtype eq pbf). But I d

...