This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4516 Views
  • 0 replies
  • 1 Likes

Whatsapp File transfer Block

i work as a security specialist engineer at a moderate enterprise.recently my superiors have asked me to block whatsapp file transfer only(meaning chat would still work).however i've tried anything using our Fw's but to no avail. from what i have read on some forums and various sources, i need to url block mmi.whatsappmms and mmv..i tried doing ...

High Bandwidth Utilization & Data Plane Restart

We have a 5220 running 9.1.12-h3, and it has a 10 Gb vwire with multiple VLANs configured with managed switches on both sides. There was a 13 Terrabyte copy across this vwire, and then as that was finishing, there was a 3 Terrabyte data copy. Both were sources from the same side of the vwire, and both towards (destination side of vwire) servers ...

Resolved! Advanced threat protection_Deep Learning

Hi, PAN OS Version 10.2 support Advanced threat protection and its seems like , for any unknowns the metadata will be forwarded to cloud for deep learning mechanism (Correct me if i am wrong). My coroners are how can we check what details has been uploaded to cloud for deep learning? what action that firewall will take until the verdict is ret...

Resolved! Path monitor setup using tunnel interface

Setting up a path monitor on a static route where source is a tunnel interface. I am able to ping from CLI with tunnel interface IP as source. But the route does not get installed. ping source 10.0.0.1 host 4.2.2.2PING 4.2.2.2 (4.2.2.2) from 10.0.0.1 : 56(84) bytes of data.64 bytes from 4.2.2.2: icmp_seq=280 ttl=57 time=21.4 ms64 bytes from 4...

image.png
raji_toor by L4 Transporter
  • 4263 Views
  • 2 replies
  • 0 Likes

Can't ping a PaloAlto interface

I am new to Palo Alto firewall. I have loaded Pan-OS 9 on eve-ng and connected one of it's port to router. It is layer three connectivity and have assigned ip to both ends. However I can't ping the firewall interface. OSPF neighborship is also not forming. Can someone help please.

jasamit by L0 Member
  • 4536 Views
  • 1 replies
  • 0 Likes

Routing question

I might be overlooking something fundamental. We are trying to slow-step out of another firewall into a PA. I have created an interface on the PA in the old subnet. I can ping across to the server and old firewall. Clients behind the PA cannot get a DHCP address. I am wondering if trying to maintain the same subnet on a Legacy VLAN will even...

We are not able to receive the password resetting link

We are not able to login the support.paloaltonetworks.com site. When we try to resetting the password using mail id, we did not receive the password reset link on mail. Kindly help us to resolve this issuePlease note you are posting a public message where community members and experts can provide assistance. Sharing private information such as ...

Validation errors in Palo Alto software version 10.1.6-h3

If you found "shared policy & template" are "Not in Sync" with Panorama with the below validation errors. Security group 'XXXXXXX' is not a valid reference rulebase->xxx-> profile-setting is invalid URL filtering profile -> is already in use This is because of bug in 10.1.6-h3 software version. Work around is To execute b...

ISP ping going out via different interface

I am facing a very strange issue. Thee are four ISP connected to PA. All are VLAN interfaces. While doing a ping to 8.8.8.8 or any public IP from the vlan interface IP it works fine except for one ISP. For one ISP if a ping a initiated from vlan.7 the traffic goes out via vlan.3. attached a screenshot. Ping is initiated from PA cli - ping sour...

pingPA.jpg
ceapen01 by L2 Linker
  • 4839 Views
  • 5 replies
  • 0 Likes

Static Source nat, two /24 subnets one to one

I want to know if this is possible, make a Static Source NAT so thatsource network last octet lets say 192.168.1.10 is translated to 10.1.1.10 then next host 192.168.1.11 is translated to 10.1.1.11 and this should happen always only natting last octet, so it does not get mixed and source nat to a different Ip that does not match the last octet. ...

Carlos_N by L1 Bithead
  • 8519 Views
  • 9 replies
  • 0 Likes
  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks