Getting Started: The Palo Alto Networks Firewall Series

by Community Manager ‎11-16-2015 12:00 AM - edited ‎11-20-2017 05:25 AM (61,340 Views)

A series of articles to help with your new Palo Alto Networks firewall from basic setup through troubleshooting


Your new Palo Alto Networks firewall has arrived! What next?


To help you enjoy the full potential of the Palo Alto Networks firewall, we've got a series of helpful articles and videos for customers and users like you. No matter what level of expertise you have, we think you'll find some tips and tricks that ensure optimal use and enjoyment of your firewall.


The first series covers the basics of getting your device booted up, the management interface configured, the licences activated, content files updated, and software upgraded to the latest version. We then take a look at several interface configuration options, security and NAT policies, and look at how logging works.


Check out what this series brings you—


Getting started with the Palo Alto Networks firewall

Getting Started: Setting Up Your Firewall

Getting Started: Layer 3, NAT, and DHCP

Getting Started: Layer 3 Subinterfaces

Getting Started: Logging



Also check out the Video Tutorials—


Video Tutorial: Getting Started — Setting Up Your Firewall

Video Tutorial: Getting Started — Layer 3, NAT, and DHCP

Video Tutorial: Getting Started — Network Address Translation


See the Getting Started Playlist on YouTube, including basic to advanced URL filtering


The second series installment covers more topics, from basic configuration to advanced concepts—


What more can my firewall do? Layer 2 interfaces

What more can my firewall do? Quality of Service

What more can my firewall do? Virtual Private Networks (VPNs)

What more can my firewall do? Identify Users!

What more can my firewall do? Custom Reports!

What more can my firewall do? Policy Based Forwarding!

What more can my firewall do? Custom applications and app override!

What more can my firewall do? Forward log files and reports

Getting started: firewall as a PPPoE or DHCP client

Getting Started: Network Address Translation


The third installment covers how to go about troubleshooting the firewall and identifying issues—


Let me fix that for you: Packet captures

Let me fix that for you: Flow Basic 



Can't get enough and want more? 


If you're just getting started with cybersecurity, take a look at a few topics in our Cyberpedia What Is Cybersecurity?


Feel free to reach out in the comment section below.


Spread the word and stay secure!



by adn2787
on ‎07-06-2017 10:36 PM

I am enrolled in the Firewall Configuration Essentials 101 course and I am really worried, I do not understand how to do Lab.2, I do not even know how to start. I worry, I think this level is too much for me! I want to excel, I want to become a competent and qualified administrator ... but at this moment, I do not know where to start?
Suggestions, please!

by adn2787
on ‎07-07-2017 02:29 PM

My main question is about how to work Lab 02, since I do not have the equipment (PA-200), and I do not know if there is a virtual platform on which to work the points of the laboratory. Could you explain me about it?

by mikeuser23112
on ‎09-05-2017 11:41 AM

Is there a guide for configuring dual internet with HA pair of firewalls?  I have 2 internet connections, I bought 2 PA-220s.  I found a guide for running 2 firewalls with 1 internet and a guide for running 2 internet with 1 firewall but not a guide for running 2 internet with 2 firewalls.

by franp2013
on ‎09-14-2017 02:40 PM

Señores requiero de su conocimiento y ayuda, no me permite ingresar a mi firewall PA200, desde hace un par de horas el mismo mensaje:  Session timed out. Ya lo reinicie y sigue igual.



by Community Manager
on ‎11-22-2017 05:59 AM

@adn2787 sorry for the late reply!

If you do not have the equipment, you can either spin up a free trial through the Fuel User Groups: This trial only allows a limited amount of time of use

There are also free trials available through AWS but you do need to pay for the AWS uptime


I don't have the details of lab 2, but the 'getting started' above are more or less sorted from the very start and getting more complex the further down the list you go, so I would recommend you start at the first article and see if it helps, then move to the next

it will likely follow more or less the same cadence as the training material


@mikeuser23112 : i'd recommend (this is best practice) starting off by configuring both ISP on a single firewall (use PBF to direct traffic so you can use both ISP at the same time) , then putting the firewall in cluster. You now have a completely redundant setup: if ISP1 fails, firewall1 will remain operational and simply switch to ISP2, if firewall1 fails, firewall2 will still be able to use ISP1. I strongly recommend against configuring 1isp per firewall as this will not produce a desirable scenario (each potential failure causes a cascade, bandwith usage is not optimzed,..)


@franp2013 Lo siento, pero tendrá que hacer esta pregunta a través de soporte

Ask Questions Get Answers Join the Live Community