General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Exfiltration detection?

Has anyone set up a PAN alert for egress bandwidth utilization? For example: If any internal host transfers more than (x) GB in (y) Minutes to the Internet - throw an alert.

Can not access to Web Admin GUI on Active Device Paloalto, can access to Standby device in HA System

Hi All,

I have met a problem with access to my Active Pan Device by Web Admin GUI.

I can access by SSH Console and I can access to Standby Device in HA System.

My device: PAN 3020, OS Version 6.1.4.

Have anyone meet the same problem, please share the s

...

Problem wildfire submission logs missed sender/recipient address

Hi all

i have this little issue: I have panorama with a pa 5050 cluster firewall 7.1.5 with wildfire licence. I have a rule to control smtp traffic with a wildfire profile.In the wildfire i have disable benign responce and in the configuration i have

...

Resolved! HTTP-Proxy allow or deny app

Hi Everyone,

I have a inbound rule in place fro my forward facing web-server and am tightning the policy down to only allow a few apps and a few default ports ssl and web-browsing

When i was looking at what traffic was hitting the rule, Isaw the follo

...

Unused rules

I know it is possible to get unused rules since last reboot, but it is obvious the data is in Panorama. Is there no way to get a list of rules not used since a specified date?

https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Identify-Un

...

Resolved! Cannot ping connected adsl modem.

Hi all,

i've connected a adsl modem to our 3020 to redirect some clients to, configured the interface as dhcp client, the port successfully gets an ip address from the modem but i can not ping the modem interface from firewall's cli. I might be miss

...

Resolved! Line Messenger APP

Hi All,

Do we have an application for Line Messenger:

https://line.me/en/

Cannot see it in Palo database.

Thx,

Myky

How to block TCP22 connections

Hi everybody

I like to know if there is a way to block incoming connections attemps to port TCP 22.

I have an end-customer which has lots of connections to his public ip range 0.0.0.0/24 to port TCP22 but not hit the vulnerability 40015 (SSH User Aut

...

what exactly is tcp-reuse and does it sends session closure traffic to the client and server?

hey

we have some problem with old system that are beeign stuck after some tome it is working and on the logs we see the session end reason is "tcp-reuse" my questions are:

1) what should be happaning on the network flow for this end-reason log to a

...

Resolved! How to submit a CSR to Microsoft CA?

Hello folks!

I have seen a few articles and documentation for generating CSR and submitting to Microsoft CA for subordinates. What about just a root stand alone enterprise Microsoft CA?

I am preparing to configure a Global Protect portal, generated/

...

Resolved! About Syslog over TCP for PaloAlto Firewall.

Hello Guys.

I have a question about syslog service of PaloAlto Firewall. Customer want to send a logs of paloalto firewall to syslog server using TCP. Can PAN possible to do that?

Thanks.

Regards,

Roh

Research paper shows vulnerabilities with SSL interception

On Feb 2017, some universities, Mozilla, Cloudflare, and Google released this paper on corporate and desktop HTTPS interception.

First they figured out how to identify when someone connects to a web server through an SSL interception appliance. Then

...

CLI debug pcap verbosity levels

I've been using the cli debug pcap captures for a number of issues recently but was frustrated in the last one by a lack of detail. In this case I was capturing OSPF (debug routing pcap ospf on). When I viewed the capture it looks more like a summary

...

Resolved! IPS best practise

Hello all,

I configured my security profiles with default seetings ..

Is ther any refrence for best practise for IPS and wildfire ??

Miner Data Priorities

Is there a way to have MineMeld prioritize miner data once they get to the output stage? Since some output feeds may be too large for certain firewalls, I want to ensure that our static blacklist is always at the top of the list. Currently new additi

...

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help