Cloud NGFW for AWS Discussions

Welcome to the Cloud NGFW for AWS Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Terraform

Hi I am trying to deploy Cloud NGFW for AWS using Terraform, but seems to be going around in circles.

I have a simple provider config:

provider "cloudngfwaws" {

arn = "arn:aws:iam::123456789:role/cloudngfwaws"

host

...

APP-ID reclassification process

Hi Team

If an application changes port, how is the reclassification process in the NGFWs?

Resolved! Cannot create Cloud NGFW "Internal Server Error"

Attempting to create a new Cloud NGFW instance for AWS.
https://web.aws.cloudngfw.paloaltonetworks.com/#/
Open NGFW tab.
Click "Create Firewall"

Provide name "NGFW01"
Provide AWS account ID (there's only one at this stage)

Form immediately helpfully says

...

Resolved! Multi-VPC Deployment: Can it be done with AWS Firewall Manager?

Hey Everyone,

I just watched the MultiVPC demo video and wanted to know.

https://live.paloaltonetworks.com/t5/cloud-ngfw-videos/multi-vpc-cloud-ngfw-resource/ta-p/523967

Is this configuration expected to be done in a AWS Firewall managed Associ

...

IoT Security works randomly, but mostly doesn't connect properly when I check EAL connection or ICD connection

I am working on trialing IoT Security without Cortex Data lake license to see what kind of behavior my IoT devices are doing and see what policies are recommended. I was able to set it all up and see policy recommendations, but it randomly seems to s

...

Dynamic Address Groups with aws tags

I want to be able to build rules using e.g. AWS EC2 tags.
Is it possible in cloud NGFW?

I'm getting 20% packet loss when pushing data through USE1 Cloud NGFW

We're pushing packets through two VPCE in USE1. And we're getting 20% packet loss. Need assistance is tracking this down.

FQDN list doesnt work

Hey all,

I created a simple FQDN allow list and added google.com. When I ping or curl google.com it only works sometimes. Any ideas?

Free AWS cloud firewall training!

Hello to all on the youtube channel for the live community there is a free training for the AWS Cloud Firewall. You can also schedule a workshop for the Palo Alto Networks + AWS Immersion Day events if want to play with the service a little more:

...

Resolved! Servicenow - palo alto discovery

HI,

would like to intergate palo and service now discovery module to pull palo's devices into CMDB.

below is link that i came across , and asking for snmp credentials, so just provide them community string to service now team ?

https://docs.serviceno

...

Can't delete aws account

Same issue as https://live.paloaltonetworks.com/t5/cloud-ngfw-discussions/deleting-aws-account-from-cloud-ngfw-portal/m-p/490183#M303 There's no movement on this thread

I deleted all the FMS firewalls.

I'm subscribed to Premium support and I can'

...

Terraform provider inconsistencies and issues with IAM role tags

Hi,

I am currently on provider version 1.0.4 (prior to this, I was trialling out CloudNGFW a month ago, on locally built version 1.0.0 of the provider). I do not think it's a provider bug as such, but the issues I am facing pertain to provider bloc

...