General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Exposing Videoconference - "Incomplete" traffic allowed

Hi all

I have tried to expose Videoconference system behind Palo Alto.
Unfortunately using App ID in security policy I have seen Palo Alto allows a lot of "incomplete" traffic.

That's really an issue: When enabling h.323 in security Policy App id engine...

BFD Dropping During Firewall Failover

Having an issue with BFD. I have BFD configured between the Palo Alto and a couple of routers (BFD Single Hop). When a firewall failover occurs, this causes the BFD peering to drop and come back. I would not anticipate this to happen. This causes a u

...

Resolved! Management Interface traffic logs

Hi guys,

Is there a way to see traffic logs of management traffic? I'm trying to troubleshoot user-id redistribution source from the management interface.

Thanks

NetWorkZeus

Resolved! Customizing Prototypes in Office365

I note that Office 365 recently updated the URL definitions to include microsoft Teams etc.

Has anyone customized the prototypes to support this change ?

https://support.office.com/en-gb/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-4

...

Resolved! Panorama shows FW as disconnected after App and Threats Update

So I got the mail today about the certificate which is about to expire.

I installed App protection 694-4000 on the Panorama as described .

After the reboot I no longer have communication between my 2 PA-2050 boxes and Panorama. The log is no longer upd

...

Resolved! DNAT issues into servers with teamed nic's ?

DNAT issues into servers with teamed nic's ?

Anyone seen issues with this before ?

I literally can't DNAT into servers with teamed nic's..

I'm going to run a wireshark capture on the server to see what is going on..

PA upgrade problems

Hi, we have a cluster with PANOS 7.0.6, we want to upgrade to 7.1.8. In a similiar upgrading path we were affected for a bug related to VPN, which was applying when you jump to 7.1.0 an then 7.1.8. So we would need to jump directly to 7.1.8.

On the a

...

Panorama API commit

Is the commit-all API command in Panorama equal to the commit to Panorama shown in GUI.

Qos question

Hi,

Let's say user wathing youtube , to limit the user's traffic ,
do we need to create qos profile for upload and download ?
Thanks

PA-200 FYI

I haven't seen this mentioned so I thought I would put it out there quick. Palo Alto has identified an issue with PA-200 units with the serial numbers ange 001606044723 to 001606075266 that have SSDs that do not meet their standards. If you have an e

...

Forward segments exceeding TCP content inspection queue

Hi,

On a new PA-3020 Firewallcluster I decided to disable the default setting "Forward segments exceeding TCP content inspection queue". Practically everything was working as it should. But onfortunately the devil is in the details. I had very few co

...

Resolved! Virtual Firewall

Dear All,

is it possible to make a Local Virtual Firewall using Hyper V or Vmware for the purpose of learning the functionalities of the Virtual Firewall ?

New URL filtering category/feature for new domains (less then 24hr)

Please vote if you see this useful.

This would enable a category that would scope domains deployed with a life-time less then 24hrs.

Block new Domains created under 24 hour Block new Domains created under 24 hours old
FR ID: 7321

Resolved! Can't join Windows Updates server, application "not applicable"

Hi !

I'm trying to connect the server to the Internet in order to download and to install updates. My server is a Windows Server 2016, so i'm trying to reach Windows Updates servers.

In order to do that, I created a rule in the firewall :

The address

...

Adding a section title to a group of rules

Hello,

is there a way of adding a title/header to a group of rules in order to create some logical structure/grouping in the rule set?

In Checkpoint this is possible and we find that it helps keeping a big ruleset organised.

Thank you.

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Welcome to the General Topics Discussions!

Rules and Best Practices

Resolved! Exposing Videoconference - "Incomplete" traffic allowed

BFD Dropping During Firewall Failover

Resolved! Management Interface traffic logs

Resolved! Customizing Prototypes in Office365

Resolved! Panorama shows FW as disconnected after App and Threats Update

Resolved! DNAT issues into servers with teamed nic's ?

PA upgrade problems

Panorama API commit

Qos question

PA-200 FYI

Forward segments exceeding TCP content inspection queue

Resolved! Virtual Firewall

New URL filtering category/feature for new domains (less then 24hr)

Resolved! Can't join Windows Updates server, application "not applicable"

Adding a section title to a group of rules

FW Ha Cluster disconnected from Panorama

maximum number of bgp routes for VM-series

Flexible vCPU VM Firewall interfaces are down

Management and Dataplane on Vsys

Site flagged as GRAYWARE (PLEASE HELP!!!)

Re: Flexible vCPU VM Firewall interfaces are down

Re: Data center providing dual ports already in VRRP - my topology?

Re: PAN-OS Release Frequency

Re: Alerts for dynamic updates

Bug Search Tool (New Feature & UI)

Unlock your full community experience!

General Topics

Rules and Best Practices

Resolved! Exposing Videoconference - "Incomplete" traffic allowed

Resolved! Management Interface traffic logs

Resolved! Customizing Prototypes in Office365

Resolved! Panorama shows FW as disconnected after App and Threats Update

Resolved! DNAT issues into servers with teamed nic's ?

Resolved! Virtual Firewall

Resolved! Can't join Windows Updates server, application "not applicable"