This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4514 Views
  • 0 replies
  • 1 Likes

Threat ID 54532

Anyone have any experience dealing with Threat ID 54532? VBScript Obfuscation. See the offenses/detections but find nothing on the hosts source or destination that reflects a vbs script. Its all internal traffic. Could it be some other traffic that is getting incorrectly labeled as VBS?

Detection logic in content update

Greetings All, can you explain what is the meaning of the below when we receive new contents updates : "improved detection logic to cover a new exploit" "improved detection logic for decoder updates" "improved detection logic to address a possible fp issue" Thanks

Resolved! Absolute domain ending in .txt

HI all, i received from an external provider a .txt list to block in my palo alto. The list is not exactly a file ,is an absolute domain,i mean is like www.test.com/blacklist/domain.list.txt. This will be a dynamic list,so is there some way to save this domain as object in palo alto,adding to a policy,and palo alto will update automatically as f...

MGMGMG by L1 Bithead
  • 2744 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama certificates - deleted CSR

Hi all, I was processing with renewing cert for vpn on panorama. Generated CSR on panorama, get new cert from digicert. During importin new cert to panorama, by mistake I deleted generated csr. Is there any way to undelete, restore this deleted csr? I have exported csr on disk.

DaWeING by L0 Member
  • 2891 Views
  • 1 replies
  • 0 Likes

Post fixing the firewall from maintenance mode , facing issue in log forwarding

All, Recently our production PA-440 model firewall went into maintenance mode, and post rebooting it came back and all started working fine without any issue.After few minutes of firewall came up, it stopped generating and forwarding (traffic, Threat and configuration) logs to panorama.we did restart log-receiver and mgmt of the firewall , but s...

Sujanya by L3 Networker
  • 2657 Views
  • 2 replies
  • 0 Likes

Resolved! Log appearing when disabling HA Pair

Dear All, I have a question. I assumed that logs would be output on the active firewall by removing the passive firewall side of the HA configuration devices that are in operation, > at that time what kind of log is the output? (like, link downed?)> Is the log continuously output? or just only one time it appears? Thanks!

HA syn configuration

I have 2 PA-440 configure by HA,now one of FW hardware down,And I get a new FW from RMA.now I connect this new FW. When I press "Sync to peer device", it prompts me that synchronization failed. I understand because I have not imported the license to the new firewall. If I import the license into the new firewall, can I directly synchronize the a...

Zhangsx_0-1670573116908.png

User ID firewall integration with mapping server or AD

Have to enable User-ID for corporates users. Not able to locate documentation around best practices for user id. for example in my scenario. we have one domain xyz.com with 50 domain controllers to monitor. we have winRM installed on all the domain controllers. So we will be considering doing agentless user id integration. my questions are ...

Sukhmeet by L1 Bithead
  • 3108 Views
  • 1 replies
  • 0 Likes

Error Index Protocol Error tlsv1 bad certificate status response. Received fatal alert BadCertificateStatusResponse from client

Hi folks, I'm using an SSL forward proxy policy and am getting this error: Error IndexProtocolErrortlsv1 bad certificate status response. Received fatal alert BadCertificateStatusResponse from client When a client attempts to connect to outlook.office365.com. Any ideas what it means or how to fix it? Thanks!

GlobalProtect MFA with LDAP at Phase 1 and Okta Verify at Phase 2

Hello everyone, I want to implement GlobalProtect with Multi-factor Authentication, with LDAP at Phase 1 and Okta Verify at Phase 2. Is it possible? I have configured based on Palo Alto Document "Configure MFA between Okta and the Firewall" and mapping configuration to GlobalProtect, but when i try the GlobalProtect it show only LDAP Authent...

raihannd by L0 Member
  • 1739 Views
  • 0 replies
  • 0 Likes
  • 1794 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks