This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

About BPry

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
BPry
‎02-24-2026
Cyber Elite
since ‎05-26-2016
Cyber Elite
User Activity
User Profile
Latest posts by BPry
View All
User Badges
Community Statistics
Member Since ‎05-26-2016 07:16 AM
Date Last Visited ‎02-24-2026 02:19 PM
Posts 6,520
Total Likes Received 2296

Custom System Event ID Severity

by Cyber Elite in General Topics
‎07-06-2016 01:49 PM
‎07-06-2016 01:49 PM
I would like to set the severity of the vpn tunnel-status-up event to critical so that it triggers an email without having to get emails for all informational notifications. Does anyone know if this is a possibilty as it currently sits? ... View more

Re: HA not synchronized after commit from Panorama

by Cyber Elite in General Topics
‎07-05-2016 12:24 PM
‎07-05-2016 12:24 PM
It may also be worth running the two commands listed below and seeing their output.   show high-availability all show high-availability state   Look at the link state and see if it's reporting that it's actually up, I've had an issue before where the link state was down and it never sent me an alert about it. Still not sure why but once the issue was cleared up I did get an alert stating that the HA peer was up.  ... View more

Re: HA not synchronized after commit from Panorama

by Cyber Elite in General Topics
‎07-05-2016 12:20 PM
‎07-05-2016 12:20 PM
Simple question but could it be that your passive firewall is down or the link between the two is damaged in some way. If it's not being synchronized and it was prior I would guess that one of those two options was the culperate  ... View more

Content Update 592 False Positive

by Cyber Elite in General Topics
‎07-05-2016 11:06 AM
‎07-05-2016 11:06 AM
I've noticed that since the 592 content update I've been recieving a large amount of Microsoft SMB Client Response Parsing Vulnerability alerts from Threat-ID 35427. I've checked the servers and the workstations and everything is up-to-date or not running an operating system that would have even included this particular CVE (2010-0476).  Particularly I only see this coming from our ASA zone that manages our remote users coming into the internal file servers, although this is the only such traffic that would go through the PA. I'm just wondering if anybody has noticed this or heard if it is going to be updated with the next content update; as when the issue first popped up it actually grounded our remote operations as the workers couldn't access there files since the default action is reset-both.  ... View more

Re: Not able to see the interface IP addresses using SNMP.

by Cyber Elite in General Topics
‎06-30-2016 12:36 PM
2 Kudos
‎06-30-2016 12:36 PM
2 Kudos
Kim, Do you know why PA isn't letting us upvote feature requests ourselves. I understand that it's on an internal database becasue it's supposed to be tied in with there security issues but why don't they seperate that out and make it public so that we don't have to bug our SEs just because I want to 'upvote' a feature request?  ... View more

Re: Block scanning from shodan

by Cyber Elite in General Topics
‎06-30-2016 10:42 AM
‎06-30-2016 10:42 AM
Couldn't you just use URL Filtering to disable access to that domain? Wouldn't that be easier then worrying about what IP is accessing that traffic. ... View more

Re: Url Filtering Doesnt Works (not-resolved)

by Cyber Elite in General Topics
‎06-29-2016 06:04 AM
‎06-29-2016 06:04 AM
Does your management port have an active internet accessable connection at all. It could be that you need to put in service routes to actually get this feature to work properly if you have already verified that your policy set isn't blocking the PA from resolving the address. If you are funneling out service requests from the outside interface you may not actually be allowing the interface a DNS connection.  ... View more

Re: GUI Access on Public IP

by Cyber Elite in General Topics
‎06-24-2016 12:16 PM
‎06-24-2016 12:16 PM
Thanks! I actually just figured it out, didn't realize that it was allowed for everyone until I realized that my laptop wasn't on the wifi today.  ... View more

GUI Access on Public IP

by Cyber Elite in General Topics
‎06-24-2016 12:02 PM
‎06-24-2016 12:02 PM
I'm setting up a PA-200 for a remote office and was wondering if anyone could tell me how I would restrict the GUI access on the Public IP to solely 1 range of public IP addresses. As it sits now I have access on any device as long as I have the password and username, I'm not sure if that is the normal default or not but it doesn't really sit well with me. Thanks for any help! ... View more

Re: Palo Alto PA-3050 100 per cent CPU

by Cyber Elite in General Topics
‎06-24-2016 07:30 AM
‎06-24-2016 07:30 AM
I'll have to check and see if we have TAM; I know that we have support and have access to a SE but I wasn't involved in the actual purchasing of it or ever informed really of anything to do with support other than the contact information for the SE.  ... View more

Re: EBL Issues

by Cyber Elite in General Topics
‎06-20-2016 05:55 AM
‎06-20-2016 05:55 AM
Once I applied the rule with the EBL as the destination instead of the source then it stated working as it should. ... View more

Re: PA identifying traffic from AKAMAI as BruteForce.

by Cyber Elite in General Topics
‎06-17-2016 09:14 AM
‎06-17-2016 09:14 AM
I would think that Palo Alto will address the issue and tune the threshold or whitelist Akamai in the threat signature. What annoys me is you can't tell me they didn't see this issue in internal testing.  ... View more

Re: Anyone having issues with Threat ID 40059 (HTTP Brute Force)?

by Cyber Elite in General Topics
‎06-17-2016 07:32 AM
‎06-17-2016 07:32 AM
Thanks! I didn't see that one.  ... View more

Anyone having issues with Threat ID 40059 (HTTP Brute Force)?

by Cyber Elite in General Topics
‎06-17-2016 06:36 AM
1 Kudo
‎06-17-2016 06:36 AM
1 Kudo
Palo Alto pushed out an update to the HTTP Request Brute Force Attack signature (40059) on 06-15. Since then I've seen a rash of threats being identified from Akamai Technologies IP addresses (about 8 different addresses). I'm wondering if anybody else is having this issue and it's a problem with the threat signature or if someone is using Akamai hosting and figured out our IP range. The only reason that I'm hesitant to block them is because I know that Microsoft using Akamai and I don't want to interrupt our server ops.  ... View more

Re: EBL Issues

by Cyber Elite in General Topics
‎06-17-2016 06:00 AM
‎06-17-2016 06:00 AM
With the IP instead of the EBL object the rule functions as it should. I also tried creating a rule specifically saying that our inside network can't go to the EBL as the destination and that appears to function fine.  ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎02-24-2026 02:19 PM
Latest Tags
No tags yet
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks