This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4549 Views
  • 0 replies
  • 1 Likes

Resolved! Cannot Access Global Protect Portal

Good Morning , I am currently working on implementing Global Protect with Duo SSO integration for user authentication . Although all the following configuration elements appear to be in place I am getting the following error message when attempting to access the portal . Can you please advise what may be going wrong her e? Thank you in ...

HThiam_0-1765312272753.png
H.Thiam by L2 Linker
  • 2070 Views
  • 2 replies
  • 0 Likes

Regarding the Operational Specifications for HA Mode

I am reviewing the operational specifications for HA mode. Could you please clarify the following points? <Device Information>Model: PA-3420 (2-unit HA configuration)OS Version: 11.1.6-h10Interface Information: Onboard (2 ports), Optical SFP10G (3 ports)HA Ports: HA1-A,B     HA2 Eth1/21,1/22 (Optical SFP10G) Please confirm whether my u...

n-tomo by L2 Linker
  • 889 Views
  • 3 replies
  • 0 Likes

Tunnel Monitoring

Hello Team, I have two ISP for site A and site B. we have configured tunnel.1,2,3,4. for all the tunnels i configured tunnel monitoring for failover. My primary tunnel is up and working fine. However, all the backup tunnels are down the tunnel status are showing red. anyone tell me is this expected?

jhussain1_0-1765985998674.png
jhussain1_1-1765991082868.png

web file blocking

Hello Community,We are trying to implement file upload/download blocking for W-Web in our environment using a Palo Alto firewall.Current setup:SSL Forward Proxy decryption is enabled.A decryption certificate has been created on the firewall and installed in the Trusted Root Certification Authorities store on client machines.Security policy and F...

Deepa_D by L0 Member
  • 3636 Views
  • 2 replies
  • 0 Likes

Resolved! Inquiry Regarding Publishing Custom Third-Party IOC Feed via EDL Hosting Service

Hello Palo Alto Team,We are exploring the possibility of integrating a third-party threat intelligence feed (Google Threat Intelligence) into Palo Alto Networks firewalls using External Dynamic Lists (EDLs). While reviewing Palo Alto documentation, we noted the following and would appreciate clarification:BackgroundBased on the documentation, st...

GlobalProtect enforcer exceptions not staying in registry

We have GlobalProtect with "Enforce GlobalProtect" enabled and a set of IP and FQDN exclusions. Additionally, the captive portal exception timeout is configured to 900 seconds. However, we’ve encountered an issue when users are connected to GlobalProtect, put their laptop to sleep, and then travel to a different location (e.g., a hotel). Upon wa...

Jagdeep1 by L2 Linker
  • 1701 Views
  • 3 replies
  • 0 Likes

User-ID Redistribution Agent : Close Connection to Agent

I am getting high severity alerts for user id connection agent Failure - Redistribution Agent <Agent Name> (Vsys1):Close Connection to Agent. Would appreciate if anyone can help me understand the log to check if the issue occurred due to firewall or by someone did it manually. If occurred on its own, then what could be the reason. When ...

Suggestion for a good model.

Hello Guys, We wants to deploy 10 PaloAlto firewalls in our 10 multiple locations. So pls suggest a good model which can capture all type of logs and having advance features.And wants to deploy one centralised firewall which can control all location's firewall.

Security policy not matching for CP authenticated LDAP users

Objective: Configure Captive portal for non-windows users to authenticate, but use AD credentials through LDAP authentication. Configuration performed.1. LDAP profile, Group mapping settings, server monitoring. (test command authentication is successful in CLI)2. Captive Portal config - Authentication portal setting / Certificates / SSL profil...

Pangps service stop after system restart in windows 11.

Global Protect service not running after restart the machine. When i try to enable the pangps service i am getting Error 1053 error. I have done the below troubleshooting. This issue raises in Windows 11 only. 1. Set delayed start 2. Changed option in registry 3. Uninstall and reinstalled 4. version upgrade 6.2.8 c223 to 6.2.8 c663 version. 5....

  • 1588 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks