General Topics

Discussions

Sorted by:

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! User-ID and child domain Global Catalog server

Hi,

I have a deployment question in regard to User-ID and multi domain.

If we are trying to pull group mappings and have user ID setup only on a child domain server through GC LDAP, the user credentials used to login and thus pick up with the userid

...

Filtered OSPF

I would like my PAN 5060 to learn one route from my OSPF infrastructure generally - but no others. The idea is that when this route is availalbe traffic would flow to the inside trusted interface of the PAN. But if that route drops out due to WAN cir

...

Centralized User ID Agent to All firewalls with AD integration

Dear Community,

Kindly note that we would like to achieve AD integration through centralized user id agent ,in that all of the firewalls will have userid agent which is integrated with AD.

So basically userid agent work as a proxy, How this can be ac

...

SSH Brute Force and IP exception

I have vulnerability profile with action for High severity signatures as "alert". I then configured an exception for SSH Brute Force (ID 40015) as "block-ip, src and dst (30 mins)". Everything worked well until we had issues for the systems exiting

...

NTLM authentication problems

Hello,

I`m trying to configure NTLM Authentification over Captive Portal for users in my network. I have PA-500. I set the next configuration parameters:

1. LDAP Server Profile

2. Authentication Profile

3. Authentication Policy (Authentication enforcemen

...

Logs not appearing in WebUI (likely nginx configuration fault)

Let me preface this by saying that I'm awre i've introduced this fault through my own modifications (and lack of experience with nginx). That being said I'd appreciate and insight into how I've broken this function.

Symptom is that the 'LOGS' tab on

...

Pan-OS 8.0 and PA-200

Has anyone upgraded a PA-200 to PAN-OS 8.0? If so have you seen a performance hit at all? Notice a difference in how long things take? Commits? Response time? How long did the upgrade take? Did it take the 50-60 minutes Palo says? If so is that sitti

...

Resolved! How PA deals with packets with bad checksum?

Hey Guys,

Just trying to find out if someone knows, what PA policy is regarding packects with bad checksum?

Will they be allowed through the PA, or PA silently drops those packets or sends back a reset to

the source?

Any help appreciated.

Thanks,

Fatema

...

BGP peers transit sessions flapping

Hi Guys,

PA-5050 is a transit device for four BGP peers. Had no flapping since 2015 on PAN-OS 6.0.12. After upgrade from 6.0.12 > 7.0.11 BGP peering no longer stable:

Can anyone advise something? Apart of the increasing a timeout session under the a

...

Resolved! Compatibility between Panorama 8.0 and PA-FW 7.0 and 7.1

did any one try to manage PA 7.0 and 7.1 with Panoramma running 8.0 ??

is it supported ?

any known issues ?

we are managing more than 100 PA-FW running 7.0 and 7.1 using panorama 7.1

recently we started to add PA-800 which doesnot support OS 7 is it saf

...

GlobalProtect Patch management Issue

Hi everyone,

We have a (HIP) check list of security requirements (joined domain, antivirus version etc… ) for our user machines must be comply with this list before our VPN user can access corporate servers.

We want to add Microsoft Patches (updates

...