Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4636 Views
  • 0 replies
  • 1 Likes

Problem with PBF with two ISP and two VR

Hi all, I have a PA220 managed with Panorama. Very cool mgmt and very powerful. Only the PA220 is a bit slow.My Situation - I have two internet connections (Eth 1/1 and 1/7) with fixed IP. Both have their own VR and therefore both have a null route. And both have own untrust1 and untrust2 zone.All my clients 10.10.10.x/24 are in trust1 zone and ...

LED Status yellow for PWR

Hello Guys, Need some suggestions, Paloalto 5220 or say 3220 while deploying I can see yellow LED in PWR but every other LED's are green. referred - https://docs.paloaltonetworks.com/hardware/pa-3200-hardware-reference/service-pa-3200-series-firewall/interpret-leds-pa-3200-series In this document it says it will either be green for ON and ...

Doyenadmin_0-1658245875590.png
5250 led status.jpg

Resolved! DNS-base application

Hi ALL, In our monitor log ,we see a lot of deny for a few PCs with "dns-base" application . Please see below: what is "DNS-base" and how do we allow it if needed. Thanks QL

Qui_4-1657240524522.png
Qui by L2 Linker
  • 16582 Views
  • 3 replies
  • 0 Likes

PaloAlto base config, not able to commit config after removing vwire references

Hi Folks, I am using Palo-Alto 3260 without panaroma. i want to take base config from it, so we have reset the firewall to factory default and trying to commit config by removing vwire from interfaces and zones. but config is not getting commit and giving error as interface is missing default config. How can i take base config then

Resolved! ssl inbound inspection in a reverse proxy scenario

Dear Community, I need to configure ssl inboud inspection in a scenario with 5 web services running behind a reverse proxy. The flow of traffic is as follow:Internet (same_public_ip) =>> PA ==(nat)=>> Reverse Proxy =>> Web Services Since PA will not be able to peek into the sll traffic to grasp which one is the aimed internal s...

How to avoid split brain in active passive cluster

Hi, We've got a installation with active-passive devices in different datacenters. We need to ensure that the primary device is always the active device when there is some problem between datacenters. We have configured virtual router path monitoring in the secondary device so it can check that the primary device is not reachable. But for so...

LACP load balancing algorithm

Hello Team, Where I can find information about how traffic balance between physical interfaces in case when LACP used?Can I choose balancing method in configuration (source/destination, MAC/IP Addr, L4 Ports)? I found information about traffic distribution mechanism in LAG for early versions of software (prior 6.1😞https://knowledgebase.paloalto...

EDL and Custom URL

Hi There, Problem Statement : We have custom URL lists(To allow Azure Endpoints only), also we have EDL(With Minemeld) integrated. As per our Infosec Policy we should not use Minemeld feed for Microsoft as it has some of many wildcard. So desperately creating custom URL for each MSFT end points(viz Defender, AAD heath etc,,) But some of URL is ...

Ramakrishnan_0-1656531514731.png
Ramakrishnan_1-1656531743034.png
Ramakrishnan_2-1656531871704.png
  • 1597 Posts
  • 61 Subscriptions
Top Solution Authors
Top Liked Authors