General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Import from xml of a 2 vsys system

I have an xml config export from a PoC system that had 2 vsys configured. Is there a way to peel out one of the vsys configurations from the xml and import vsys1 only?

url-filtering

Hi,

In url filtering adult-and-pornography blocked . But la-xxx.com can accesible
xxx.com not blocked

1)
test url la-xxx.com

la-xxx.com adult-and-pornography (Dynamic db)

2)
test url xxx.com

xxx.com adult-and-pornography (Base db)

other info
----------

show ur

...

Two L3 interfaces on One Zone

Hi,

in the setup of the above diagram , I need to run OSPF on Paloalto between two Core-SWs, so I have to create two L3 interfaces Point to Point with the two SWs.

the two core-SW is considered as inside for me , so from the prespective of routi

...

Resolved! Create threat signature

Hi Guys,

I need to know if I can create a threat signature in case I've only the malware hash.

Is it possible to do on PA?

If not, Is there any other way I can block malwares based on hashes only?

Regards,

Sharief

how to add my own bulk IOCs into Minemeld

Trying to find a way to do this with some of the miners but it seems that you can only add 1 indicator at a time.

Troubleshooting ipsec tunnel setup.

I have setup ipsec between PA200 and cisco device. When trying to bring tunnel up not even able to establish phase1.

Getting following errors in logs. I have keyed in pre-shared key again on both the sides.

ikev2-nego-child-start:'IKEv2 child SA negot

...

Globalprotect - User-ID - missing domain prefix - group mapping not working

Hi

I have been trying to get User-id / Group mapping to work in one of our installations but without any luck

Tried both Radius and LDAP authentication.

I do see User-ID / IP mapping - but the domain prefix is missing.

"10.253.250.1 vsys1 GP sensagummi

...

Resolved! PA drops traffic apparently without NO REASON

Hi All,

I have PA 2050 with panOS version --> 7.0.9

I have two rules:

Rule 4 --> Permit for svc-casse application as (ssl, ms-updated ecc)

Rule 5 --> Cleanup for svc-casse

That's the situation check :

RULESLOG

Really really strange behavior I never seen

...

Resolved! Message of the day adn Embedded Message for cotent updates

How does one go about getting contents updates as part of message fo the day running 7.1.6 according to below in Red from PA the content and software messages have to be embedded and then I should be able to log in and veiw messege of the day and

...