Cloud NGFW for AWS Discussions

Welcome to the Cloud NGFW for AWS Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Terraform

Hi I am trying to deploy Cloud NGFW for AWS using Terraform, but seems to be going around in circles.

I have a simple provider config:

provider "cloudngfwaws" {

arn = "arn:aws:iam::123456789:role/cloudngfwaws"

host

...

APP-ID reclassification process

Hi Team

If an application changes port, how is the reclassification process in the NGFWs?

Resolved! Cannot create Cloud NGFW "Internal Server Error"

Attempting to create a new Cloud NGFW instance for AWS.
https://web.aws.cloudngfw.paloaltonetworks.com/#/
Open NGFW tab.
Click "Create Firewall"

Provide name "NGFW01"
Provide AWS account ID (there's only one at this stage)

Form immediately helpfully says

...

Resolved! Multi-VPC Deployment: Can it be done with AWS Firewall Manager?

Hey Everyone,

I just watched the MultiVPC demo video and wanted to know.

https://live.paloaltonetworks.com/t5/cloud-ngfw-videos/multi-vpc-cloud-ngfw-resource/ta-p/523967

Is this configuration expected to be done in a AWS Firewall managed Associ

...

IoT Security works randomly, but mostly doesn't connect properly when I check EAL connection or ICD connection

I am working on trialing IoT Security without Cortex Data lake license to see what kind of behavior my IoT devices are doing and see what policies are recommended. I was able to set it all up and see policy recommendations, but it randomly seems to s

...

Dynamic Address Groups with aws tags

I want to be able to build rules using e.g. AWS EC2 tags.
Is it possible in cloud NGFW?

I'm getting 20% packet loss when pushing data through USE1 Cloud NGFW

We're pushing packets through two VPCE in USE1. And we're getting 20% packet loss. Need assistance is tracking this down.

FQDN list doesnt work

Hey all,

I created a simple FQDN allow list and added google.com. When I ping or curl google.com it only works sometimes. Any ideas?

Free AWS cloud firewall training!

Hello to all on the youtube channel for the live community there is a free training for the AWS Cloud Firewall. You can also schedule a workshop for the Palo Alto Networks + AWS Immersion Day events if want to play with the service a little more:

...

Resolved! Servicenow - palo alto discovery

HI,

would like to intergate palo and service now discovery module to pull palo's devices into CMDB.

below is link that i came across , and asking for snmp credentials, so just provide them community string to service now team ?

https://docs.serviceno

...

Can't delete aws account

Same issue as https://live.paloaltonetworks.com/t5/cloud-ngfw-discussions/deleting-aws-account-from-cloud-ngfw-portal/m-p/490183#M303 There's no movement on this thread

I deleted all the FMS firewalls.

I'm subscribed to Premium support and I can'

...

Terraform provider inconsistencies and issues with IAM role tags

Hi,

I am currently on provider version 1.0.4 (prior to this, I was trialling out CloudNGFW a month ago, on locally built version 1.0.0 of the provider). I do not think it's a provider bug as such, but the issues I am facing pertain to provider bloc

...

Resolved! Testing Log4J with AWS Cloud NGFW

Hi,

what is the curl command in AWS EC2 to test if Log4J is well blocked by my AWS Cloud NGFW?

Resolved! Deploy NGFW in eu-west-2

Hi,

I am trying to deploy NGFW in eu-west-2, but it's failing on the Cloudformation template. Steps below:

1. Subscribe to NGFW via AWS Marketplace (which is global and not per region).

2. Click on the verification email and set up new password. Th

...

Create local rulestacks with Terraform for firewall manager account.

Hello,

We have created a distributed firewall using firewall manager and created global rulestacks using the api.

Now we would like to create local rule stacks via terraform but are running into issues as the account was onboarded using firewall

...

Cloud NGFW for AWS Discussions

Discussions

Welcome to the Cloud NGFW for AWS Discussions!

Rules and Best Practices

Terraform

APP-ID reclassification process

Resolved! Cannot create Cloud NGFW "Internal Server Error"

Resolved! Multi-VPC Deployment: Can it be done with AWS Firewall Manager?

IoT Security works randomly, but mostly doesn't connect properly when I check EAL connection or ICD connection

Dynamic Address Groups with aws tags

I'm getting 20% packet loss when pushing data through USE1 Cloud NGFW

FQDN list doesnt work

Free AWS cloud firewall training!

Resolved! Servicenow - palo alto discovery

Can't delete aws account

Terraform provider inconsistencies and issues with IAM role tags

Resolved! Testing Log4J with AWS Cloud NGFW

Resolved! Deploy NGFW in eu-west-2

Create local rulestacks with Terraform for firewall manager account.

Why is pan-db downloaded?

AWS PA-VM X-Forwarded-For IP Adderss Check.

Cannot create Cloud NGFW "Internal Server Error"

Multi-VPC Deployment: Can it be done with AWS Firewall Manager?

What is a RuleStack?

Unlock your full community experience!

Cloud NGFW for AWS Discussions

Rules and Best Practices

Resolved! Cannot create Cloud NGFW "Internal Server Error"

Resolved! Multi-VPC Deployment: Can it be done with AWS Firewall Manager?

Resolved! Servicenow - palo alto discovery

Resolved! Testing Log4J with AWS Cloud NGFW

Resolved! Deploy NGFW in eu-west-2