General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Policy application question

Hi

So I created an application

TEST HTTPS tcp/443

TEST HTTP tcp/443

and a policy from any where to 10.10.10.10/24 application TEST HTTPS & TEST HTTP allow

and then deny everything else

if I go to my test box say 10.20.20.20/24 (different network), pre

...

Migrate from Check Point to PaloAlto step by step

Hi guys

I have some document that I made about migration from CP to PA,

Please feel free to contact me if you had some issue with that migration.

If you want the PDF file, please check the following link:

http://zwerd.com/2017/09/05/paloalto-migration.ht

...

7.1 default behavior changes

So I was reading about OS 7.1 because I am planning on upgrading from 7.0.12 to 7.1 and found some information of the default behavior of app-id

Resolved! Path Monitoring question?

Hi folks,

Preparing for my HA configuration this weekend. 

I have a question about creating a Path monitoring group on the Passive device.

While I go through the procedures to configure HA on the Active device, I plan to set a Path monitoring group

...

Finally IPv6 over GlobalProtect, or should i say v6IP?

About 2 months ago I was thrilled to hear that PANOS 8 was coming out and that it would bring us IPv6 inside a Globalprotect VPN. After fixing the "licence issue", i finally came arround to doing the upgrade and eagerly started to configure a tunnel

...

Headsup: AZURE VPN not comming up again, session discarding

Hi,

I just want to share a problem i have been troubleshooting. I have lots of vpn's terminating on our FW, haven't had real problems until i started to connect Azure VPN's. After a network hickup they usually did not come up again. I had the hardest

...

Log Card Interface Issues

We have configured a log card interface on one of our 7050 devices for submission to wildfire. This is not working.

Our testing shows we cannot ping the default gateway conifgured on the interface. If we ping from the router, then no response is reci

...

HTTP OPTIONS Method

Hi,

I am getting contionous 'HTTP OPTIONS Method' - alert
What is the reason for this

If I have multiple vulnerabilty profile ,I want to exclude this from one of the profile or one of the ip
(I want to ignore this vulnerabilty checking in a profile or ag

...

cookie size

Hi,

Is there something settings related to 'cookie size' in pa

Thanks

Resolved! Path Monitoring Group Name field will not save?

Hi folks,

Another HA question, but seems like could be an easy one.

I have one test PA-200 OS 6.1.4, enabled HA (for practice), created a Link Group, and now trying to create a Path Group.

However, when I type in a name and click off of it, press ente

...

IPSec Tunnel PAN to Cisco ASA - matching for phase 2

Do the proxy ID's on the pan side have to match the ACL defined crypto domain on the ASA? That is - suppose on the PAN side you had for phase II of the tunnel 192.168.1.0, 192.168.2.0 and 192.168.3.0 while the ASA side had only 192.168.1.0 and 192.16

...

Resolved! It's time to allow verified PAN customers to change URL categories for specific websites

Long time PAN Customer with huge PAN deployment, we have a very large user base and get multiple website blocked requests daily. We block Parked and Unknown domains for security purposes, it's worth it. However, there's a large amount of new websites

...

Resolved! IPSEC site-to-site; passing ICMP only.. no other protocol (TCP/UDP)

I have an IPSEC-to-SITE.

IKE Phase 1 and Phase 2 are good/live.

Tunnel interface in right zone. Routes fines.

Policy defined (app: any, service: any).

I can see the policy being hit when I generate icmp/pings. And can get to the proxy id's/subnets on o

...

API or script to report bad URLs to PAN?

Is there an ability to post bad URL reports to PAN in an automated/scripted fashion?

I know the report site exists (https://urlfiltering.paloaltonetworks.com) but it requires a captcha. My goal is to write a script which takes in a (phishing) URL as

...

Report issue - incorrect data

Hi All,

i have a problem: when my customer generates reports there are problem with data, i see that the usage in one week is less than the sum of two random days in the same week.

example:

Week report: 450.5 G bytes

Day X: 588.3 G bytes

Day Y: 262.0 G b

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free