Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

PAN-OS HA UGRADE PATH

Hi All, Please I'm upgrading a palo alto firewall in HA mode remotely, I'm having some issues with remote access and for me not to loose access and be able to finish my upgrade is it ok to upgrade the Passive first before failing over to the passive

...

Resolved! About PAN-300837

Attention: Global TPM team,

Hi,

I have a question about PAN-300837.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Best practices for Palo Alto security policy when destination IP/FQDN is dynamic or unknown

Group Company A is implementing surveillance cameras and requires communication to send data from the cameras to an external cloud server. The cloud server (destination) cannot be restricted by IP address or FQDN (only ports can be restricted), so IP

...

Resolved! About PAN-269535

Attention: Global TPM team,

Hi,

I have a question about PAN-269535.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Resolved! About PAN-263691

Attention: Global TPM team,

Hi,

I have a question about PAN-263691.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Resolved! About PAN-299622

Attention: Global TPM team,

Hi,

I have a question about PAN-299622.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Resolved! About PAN-241694

Attention: Global TPM team,

Hi,

I have a question about PAN-241694.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Resolved! About PAN-293673

Attention: Global TPM team,

Hi,

I have a question about PAN-293673.
// PAN-OS 11.1.10 Known Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-10-known-and-addressed-issues/pan-os-11-1-10-known-issues

Q1)
How oft

...

Resolved! About PAN-183404

Attention: Global TPM team,

Hi,

I have a question about PAN-183404.
// PAN-OS 11.1.10 Known Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-10-known-and-addressed-issues/pan-os-11-1-10-known-issues

Q1)
How oft

...

Resolved! About PAN-303627

Attention: Global TPM team,

Hi,

I have a question about PAN-303627.
// PAN-OS 11.1.13-h1 Addressed Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-h1-addressed-issue

...

Resolved! About PAN-305301

Attention: Global TPM team,

Hi,

I have a question about PAN-305301.
// PAN-OS 11.1.13 Known Issues
https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-13-known-and-addressed-issues/pan-os-11-1-13-known-issues

How often

...

Unable to block download and upload for chatgpt and messengers

Hi Friends,

Recently i am trying to acheive an requirement where i want to allow messenger and chatgpt in my network but files uploading and downloading should be blocked.

I tried configuring decryption and flie blocking profiles along with two se

...

Resolved! Chrysalis Backdoor

Hi All,

just aware of this new threat.

Apparently there are some IPs we can scan on PAN to see if we are affected?

Any suggestions are greatly appreciated.

Thanks. Ql

port issue / nmapping

Hi everyone,

I’m facing a strange issue and would appreciate your input.

We created a security policy to block certain ports. When we check the traffic logs and packet captures, they clearly show that the traffic is being dropped. However, when we ru

...

Stealth Rule Question

Hi everyone,

Could someone please explain the correct way to create a Stealth rule in Palo Alto? My understanding is that it involves creating a rule that denies all traffic destined for the firewall’s public IP addresses.

I’m also unsure whether this

...

Discussions

Welcome to the Next-Generation Firewall Discussions!

Rules and Best Practices

PAN-OS HA UGRADE PATH

Resolved! About PAN-300837

Best practices for Palo Alto security policy when destination IP/FQDN is dynamic or unknown

Resolved! About PAN-269535

Resolved! About PAN-263691

Resolved! About PAN-299622

Resolved! About PAN-241694

Resolved! About PAN-293673

Resolved! About PAN-183404

Resolved! About PAN-303627

Resolved! About PAN-305301

Unable to block download and upload for chatgpt and messengers

Resolved! Chrysalis Backdoor

port issue / nmapping

Stealth Rule Question

About PAN-305301

About PAN-303627

About PAN-183404

About PAN-241694

About PAN-300837

Re: Is there a way to configure Pan-OS to integrate with an ACME server for certificate enrollment?

Re: Is there a way to configure Pan-OS to integrate with an ACME server for certificate enrollment?

Re: PAN-OS HA UGRADE PATH

Re: IPSEC VPN for the FW MGMT

Re: Palo Alto for email security

Unlock your full community experience!

Rules and Best Practices

Resolved! About PAN-300837

Resolved! About PAN-269535

Resolved! About PAN-263691

Resolved! About PAN-299622

Resolved! About PAN-241694

Resolved! About PAN-293673

Resolved! About PAN-183404

Resolved! About PAN-303627

Resolved! About PAN-305301

Resolved! Chrysalis Backdoor