General Topics

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Ms-DS_SMB do I need ICMP and Ping

Runnnig a capture ot troubleshooty file share isuse. From attach capture for DROP I keep seeing ICMP adn Ping so I actully need those as part of rule as well?

Resolved! HA sessions synchronization initiated by or to the Active.

Hi Guys,

Got a random question regarding the sessions synchronisation when running HA :0 If l understood correctly only the sessions that are not initiated by the Active device will be synchronised to the Passive device. Does it mean that all OSPF, B

...

panorama server specifications

Hello all,

can you please [provide me with panorma server specification to buy it this week ..

what is implementaion method ? we must have esxi ? or windows server or what ? i`m new here

DHCP

We've used Palo alto as DHCP server for all our wireless infrastructure, we notice that after one hour the IP has to expire and be release, however it keep the expired session on the DHCP and we have to manually clear out this from cli.

Once the pool

...

Block Facebook App

We are using a Palo Alto Firewall and have facebook blocked on the browser, but the mobile app still works on Android and iPhone. What is the catch all way to block the facebook app?

External Dynamic Lists requires "google-app-engine" ??

Greetings

On PAN-OS 7.1.8 configuring EDL is giving some unexpected results -

I have an application based security policie set for my PA management IP addresses to fetch the updates i.e. "paloalto-updates, widlfire, pan-db-cloud, ssl and web-browsing

...

Resolved! How to generate SNMP Trap from CLI/GUI?

Hello

I'm on 7.1.7 PANOS and I need to generate traps for testing purposes. I didn't find in manual such CLI command.

please advice me how to generate from CLI or if it's not possible how to make a workaround (ie. using trap on virus condition or so)

...

Resolved! Exfiltration detection?

Has anyone set up a PAN alert for egress bandwidth utilization? For example: If any internal host transfers more than (x) GB in (y) Minutes to the Internet - throw an alert.

Can not access to Web Admin GUI on Active Device Paloalto, can access to Standby device in HA System

Hi All,

I have met a problem with access to my Active Pan Device by Web Admin GUI.

I can access by SSH Console and I can access to Standby Device in HA System.

My device: PAN 3020, OS Version 6.1.4.

Have anyone meet the same problem, please share the s

...

Problem wildfire submission logs missed sender/recipient address

Hi all

i have this little issue: I have panorama with a pa 5050 cluster firewall 7.1.5 with wildfire licence. I have a rule to control smtp traffic with a wildfire profile.In the wildfire i have disable benign responce and in the configuration i have

...

Unused rules

I know it is possible to get unused rules since last reboot, but it is obvious the data is in Panorama. Is there no way to get a list of rules not used since a specified date?

https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Identify-Un

...

Resolved! Cannot ping connected adsl modem.

Hi all,

i've connected a adsl modem to our 3020 to redirect some clients to, configured the interface as dhcp client, the port successfully gets an ip address from the modem but i can not ping the modem interface from firewall's cli. I might be miss

...

Resolved! Line Messenger APP

Hi All,

Do we have an application for Line Messenger:

https://line.me/en/

Cannot see it in Palo database.

Thx,

Myky

How to block TCP22 connections

Hi everybody

I like to know if there is a way to block incoming connections attemps to port TCP 22.

I have an end-customer which has lots of connections to his public ip range 0.0.0.0/24 to port TCP22 but not hit the vulnerability 40015 (SSH User Aut

...

what exactly is tcp-reuse and does it sends session closure traffic to the client and server?

hey

we have some problem with old system that are beeign stuck after some tome it is working and on the logs we see the session end reason is "tcp-reuse" my questions are:

1) what should be happaning on the network flow for this end-reason log to a

...

General Topics

Discussions

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free