General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Data pattern to check 2 conditions on Credit Cards

Hi,

Let's say I want to create a Data Pattern to check 2 conditions on DLP:

1) Check Luhn number. This can easily be done by setting a weight in the "CC" field on a DLP Data Pattern.

2) Once the Luhn number checked, check if the first 7 numbers of the

...

Resolved! Bandwidth limit AD group

We have a need to limit download and upload to 50 Mb/50 Mb for a specific AD group in our company. I have followed the steps in this article

https://www.paloaltonetworks.com/documentation/70/pan-os/pan-os/quality-of-service/use-case-qos-for-a-single-

...

Resolved! More than one Radius Connection Profile for GlobalProtect on PAN-OS 7.1.0 and Windows 2012 R2 NPS

We are hosting 4 clients with each having their own server. I have setup 4 separate GlobalProtect Gateways and Portals for each client with access only to their server. I have configured Radius and tested it.

I want to be able have one different Ac

...

Resolved! Command: clear session id 135269 not working

Hi All,

Strange but cannot clear the session below. Did try from GUI first then from CLI. CLI says: session 135269 cleared after still able to see it as active

Any idea?

PAN-OS 6.1.7 PA-5050

Thx,

Myky

Resolved! ACC report on Sunday

Hi Guys,

ACC issue. Don't know what could be the reason for the URL block report to show some activities when nobody was using a network on Sunday. NTP? And also question to why all users got 2 digits in the end of their username, Is it normal?

Thx,

M

...

Wildfire: different level of severity for the same file

Hi

I don't understand why the same file has different level of severity in wildfire.

Could you explain me?

thank you very much.

best regards.

Resolved! What kind of protocol used PA to HA

Hello community,

Do you know what kind of protocol use PA to your HA, VRRP, CARP.. ?

Best Regards

Andres Padilla

Any known issues with PAN OS 5.0 for user-ID and IP mapping not working?

I have a lab setup with two palo alto firewalls (PA-200). I am running it with the code it came with the device (PAN OS 5.0.6).

I configured User-ID as per the guidelines on this link (https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to

...

BlackNurse Testing Causes issues on Egress Firewall

FYI It doesn't appear to require an attack to be an IP address bound to the PA.

It also appears that testing a remote firewall while egressing through a PA firewall causes your local firewall to experience DOS effects. It is not just inbound to an IP

...

Resolved! TLS secured SMTP inbound inspection?

Hi,

I've recently had a client who's PAN appliance failed to pick up a Zero-Day piece of malware that found it's way into their network via email.

We have wildfire configured correctly and it transpires they are using opportunistic TLS on their mail re

...

Resolved! show routing resource

When using show routing resource command. Why is there a overlimit value when we are under the 2500 limit count

LOBAL ROUTING RESOURCE USAGE:
==========
All Routes (total): 1088 (limit 2500)
All IPv4 Routes (total): 1088 (limit 2500) (overlimit counts

...

BlackNurse Denial of Service Attack

http://www.netresec.com/?page=Blog&month=2016-11&post=BlackNurse-Denial-of-Service-Attack

Has anyone here tested the effect of this on any PAN-devices ?

http://blacknurse.dk says:
LIST OF REPORTED AFFECTED PRODUCTS :
Cisco ASA 5515, 5525 (default setting

...

URL category shown in URL-Log is not equal as shown by command "test url ..."

Hello,

I have test a site for blocking via url-category. If I test the url via cli "test url cams.dnsalias.com" I got the category "dynamic-dns". But in the url-log I see "computer-and-internet-security" What's wrong?

MfG Ralf

Resolved! Different subnets on the same interface

Hi,

my ISP has assigned me with a /30 for the p2p connection and it is routing a /24 public subnet towards that /30. Meaning the WAN interface in the Palo will have to respond to many different ips on two different subnets. I haven't found any Kb tha

...

Block page for security policy matches

Is there a way to return a block page to users when their connection is blocked not by the URL-filter but by a security policy?

We have a security policy that blocks all outbound traffic to a list of foreign countries. The problem is when users atte

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource