This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4512 Views
  • 0 replies
  • 1 Likes

Windows User-ID Agent Disconnect After Failover

Hi All, I have a customer who had an issue with the WMI using agentless User-ID due to Microsoft security update. We decided to move to Windows User-ID Agent installed on a domain member Windows Server 2016. PAN OS 10.2.2 and installed agent version 10.2.1-101. In the Data Redistribution i can see the agent is connected. Customer found that if...

Palo Alto and Forescout

Hi, I have both Paloalto firewall and Forescout in our organization. This is my current setup. 1.) Forescout handling the grouping for our wireless devices (BYOD). 2.) Paloalto policy is incorporated through user mapping (Active Directory) 4.) I already setup the connection between the paloalto and forescout. Is it possible that the wireless d...

Resolved! URL Filtering Error

Hi All, We are getting an error as "Hmmm... can't reach this page" site's server ip could not found. And other page is also getting the same error. Is this a known error? I can see the logs with the IP resolved so i dont think this should be DNS issue as well. May i know what could be the best way to fix this issue? Regards, Sanjay S

bundle gre tunnels and distribute internet traffic across them

Has anyone had a location with more than 1Gbps internet link and also have Zscaler? The limitation to Zscaler is 1Gbps gre tunnel. We have a 10Gbps link and this doesn't work. We have to create 5 nats across 2 routers behind a firewall to build 10 GRE tunnels. I wanted to do something similar at the edge with palo alto but i am not seeing what i...

Resolved! Palo Alto in Virtual wire vs TAP mode.

Hello,Just wanted to confirm my understanding on the different modes of deployment in PA. Virtual Wire is an INLINE mode ( similar like IPS) and TAP mode is a passive monitoring mode. So does that mean if I find an unlocked rack somewhere and I were to remove the ethernet from the switch/firewall in that rack and instead attach it to lets say et...

Outlook web excessive bandwidth usage

Hello, We recently noticed starting last few weeks that application (outlook-web-online) had a massive data being sent and saturating our internet link. This looks to be across the network as we can identify multiple users with same application traffic being the top bandwidth consumers when we generated the custom report. Does anyone exper...

Marconi by L0 Member
  • 2400 Views
  • 2 replies
  • 0 Likes

User insertion fail with keep alive header enable

Hi team, I have inbound ssl decryption enabled with User Insertion feature enabled too. It is working fine, however when I make a POST request from Postman Application with header "Connection" and value "keep alive" is present the user insertion fail, but when I delete the "connection" header the POST Request work fine. how will proceed with...

sskannan by L2 Linker
  • 1369 Views
  • 0 replies
  • 0 Likes

Site to Site RSA_verify failed , error rsa routines (PaloAlto to checkpoint SMB)

trying to establish S2S VPN between Palo Alto 850 and Checkpoint SMB Certificate based authentication (MS enterprise CA) The ikev2 is complaining : ====> Initiated SA: XXX.XXX.XXX.XXX[500]-YYY.YYY.YYY.YYY[500] SPI:dcb4c37f6f955782:0898ce67edab9913 SN:8962 <====2022-12-26 23:34:49.355 +0200 [PWRN]: { 4: }: XXX.XXX.XXX.XXX[500] - YYY.YYY.Y...

Policy Based VPN

All,We are migrating Policy based VPN's from Juniper Netscreen to Palo-Alto firewall. Please let us is Policy based VPN will be supported in palo-Alto , if not how we need migrate the Policies of Policy based VPN.

Sujanya by L3 Networker
  • 13620 Views
  • 3 replies
  • 0 Likes

Whatsapp File transfer Block

i work as a security specialist engineer at a moderate enterprise.recently my superiors have asked me to block whatsapp file transfer only(meaning chat would still work).however i've tried anything using our Fw's but to no avail. from what i have read on some forums and various sources, i need to url block mmi.whatsappmms and mmv..i tried doing ...

  • 1794 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks