General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

File Hashes?

Does anybody know where to find the associated file hashes for files from the threat or data filtering log? I know Palo is generating file hashes on files because that's how they're determing what to send to WildFire but I can't find a file lash log anywhere. I would like to see this in the data filtering log.

r_gine by L1 Bithead
  • 5535 Views
  • 5 replies
  • 0 Likes

Resolved! Couple of issues with MineMeld 0.9.42, PanOS 7.1.11

Hi, I have a couple of problems with MineMeld (on a VM from ova template). 1. I recently seem to have lost the ability to export a system backup (which was working until recently). In the log, I can see a bunch of "GET /jobs/status-backup/.....", but the actual download never starts. [2017-10-23 16:12:19 UTC] [1971] [INFO] AUDIT - {"ms...

Problem with Panorama

Hi, I need to specify a group to access an SSL VPN.When I try to select a user or group from the agent menu in Panorama, they are not available.If I try to do the same on a physical equipment, it works.Anyone know what I can do to fix this?

BancoABC by L1 Bithead
  • 3027 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Proxy Configuration Feed Miner

Hi people! I have an issue configuring multiple jsonseqfeed miners in my local instance of Minemeld. This is the actual case: I have multiple miners getting information from autofocus. To get these to work, i had to add the proxy configuration in the /etc/default/minemeld file, no big deal.A group of colleagues, working in another project, have ...

juaniin by L0 Member
  • 3852 Views
  • 1 replies
  • 0 Likes

Resolved! Default gateway to router with two IP address

Hi, I am installing a PA-3020... the customer have a internet router which has two public IP address (190.30.40.1/24 as primary IP and 186.3.30.1/24 as secondary IP).Currently the customer have a Cisco ASA, it is directly connected to internet router, but the IP address in Cisco ASA (untrust interface) is 190.30.40.2/24 and its default gateway o...

ms-teams not working

Hello, Ms-Teams works fine when we set the Profile setting to 'none' for the policy. As soon as we set the URL filtering profile, it stops working. We have allowed the category. Also, made sure *.teams.microsoft.com is added in the Overrides>allow list. URLteams.microsoft.comCategoryComputer and Internet Info What else we can check?

Farzana by L4 Transporter
  • 10392 Views
  • 1 replies
  • 0 Likes

PA200 and PAN OS 8.0.5 is it a good idea?

Hello I got new PA200 as a RMA replacement so I have more time for upgrade. Is it a good idea to do that? I keep always to wait at least for X.0.5 since I upgraded one time to 6.0.0. and it was nightmare. Is someone using 8.0.5 on PA200? or 8.0.4? What about commit time comparation to 7.1.x? RegardsSlawek

_slv_ by L4 Transporter
  • 7341 Views
  • 7 replies
  • 0 Likes

Youtube with Restricted Mode-On

Hello, We would like to play specific videos on youtube with Restricted Mode to On. We have followed the article below but no luck. https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Allow-a-Single-YouTube-Video-and-Block-All-Other-Videos/ta-p/58944 Is there a way of allowing just that specific video to play?

Farzana by L4 Transporter
  • 2857 Views
  • 1 replies
  • 0 Likes

Virtual Router static routes

So I made the mistake of creating static routes that specify an exit interface. So now I have traffic coming into the firewall and then going out a different interface to get to other networks, rather then having that traffic hairpin back down my AE interface. So I have kind of a loop going on. So my quesiton is: Can I remove the exit interface ...

Resolved! Pattern of network vulnerability scanning coming from all over the world

In the last month or so we have seen lots of network vulnerability scanning for the following 3 Threat IDs coming from all over the world.- MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability(30426)- WebUI mainfile.php Arbitrary Command Injection Vulnerability(38836)- Wireless IP Camera Pre-Auth Info Leak Vulnerability(33556)We ...

CTW1983 by L2 Linker
  • 4142 Views
  • 2 replies
  • 0 Likes

Best Implementation of PA 8.0

Dear All Expert,Do anybody can share Best Implementation of PA-8.0 ?https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777 Best Regards,Chhayheng

Resolved! Cannot access PA-200 via Console

Greetings all, I have a PA-200, there it was previously configured and it was stored for long time, we wanted to reuse it, however, I cannot access it via console, when I connect to it nothing there in Putty just black screen. here is what I have: Console cable connected to USB-Serial( Iam sure the cable and adaptor works fine, I tested it with...

mfkoko by L1 Bithead
  • 15355 Views
  • 8 replies
  • 0 Likes

Block SSL urls for BYOD student users- Maintain Cert trust chain

Hello all... I find myself in a bit of quandary on how to deal with blocking\inspecting various SSL based urls for our student BYOD users. I realize I need to decrypt the traffic in order to take action on it... but our problem lies with how to deal with certs....and keeping browsers happy with an intact trust chain. PA support told me that I mu...

Is it possible to export the private key from the forward-untrust certificate to view in wireshark ?

I want to check a specific HTTP request that is send to a webserver and which is currently blocked by one of our vulnerability checks to verify if the signature is correct.But I need to be able to view the decrypted data on the exported capture, therfor I have to import the private key of the forward-untrust certificate into wireshark....But I h...

DaxVC by L2 Linker
  • 2655 Views
  • 1 replies
  • 0 Likes

dismiss global protect download link From GP Portal

hi Guys, well, i m running on version 8.03 and have done all necessary clientless configuration but one thing is a bit weird to me. - Once a user log in via the Portal, he is able to use or see the GP download link, has anyone any idea on how to dismiss the GP download Link from the Portal? i want them to see only the assigned applications. ...

big_Gilo by L2 Linker
  • 2515 Views
  • 1 replies
  • 0 Likes
  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels