Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Paloalto security Architect/Consultant - Advice

Hello Everyone,

I've been working with Palo Alto firewalls for some time now and am looking to explore opportunities in solution design, architecture, and consulting.

I know there are many talented professionals here who are already succeeding in thi

...

Resolved! Request for Free Trial Access to VM-Series Firewall and Integration Testing Support

I would like to request access to a free trial of the VM-Series Virtual Firewall for evaluation and integration testing purposes.

Specifically, I am looking to:

Deploy the VM-Series in a test environment
Perform basic functionality and integration valid

...

SFP Compatible Matrix

What are the compatible PAN model for PAN-SFP-PLUS-SR and PAN-SFP-PLUS-CU-5M

Resolved! Monitoring VPN Tunnel Status with SNMP Trap

Hello,

I would like to use SNMP Trap to detect status changes of VPN tunnels in the PA series.

Is it possible to detect VPN tunnels status changes with the following OIDs.

panVPNTunnelStatusUpTrap: .1.3.6.1.4.1.25461.2.1.3.2.0.1746
panVPNTunnelS

...

opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: unable to get local issuer certifi

Hi, we are getting the following 2 x alerts on the same firewalls, can you please let us know how this can be fixed - googled it but I couldn;'t find a fix:
alert1:opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.p

...

Resolved! EDL Limit

How we can increase the External Dynamic List (EDL) max IP limit ?

For example: PA 3420 has 50,000 IP limit, how we can increase this limit in EDL ?

DNS Servers Failure

In the Palo Alto firewall, we are unable to reach the DNS servers. These servers are in the cloud and act as proxy servers as well as domain controllers.

From our VMs, we are able to ping the DNS IPs successfully, but in the firewall session logs, it

...

DHCP configuration with ip 192.182.1.0/24 network

Hi team, as we are getting a use case of DHCP configuration with Ip 192.182.1.1/24, are we able to configure DHCP server with this Ip which range starts from 192.182.1.2- 192.182.1.254/24? as this Ip considered as public Ip

Chromium-based traffic issue

Hello Experts,

Our client experienced a drop in internet traffic. After running tests, they detected that all traffic generated with Chromium-based browsers was being dropped by the firewall for some unknown reason. Other traffic generated by other b

...

is there is a limit to nested app groups? (how many nested groups can be inside each other)

Resolved! User-ID showing "Invalid Agent version"

Windows server 2016

Pan-OS 11.1.6-h3

User-ID 11.0.2

I am burnt out tying to get this to run. I have ran though all the instructions 4 times now.

I keep receiving an error when running "tail mp-log useridd.log" that ends in "Invalid Agent versio

...

Licensing a Palo Alto device bought from a market place.

Hello,

I purchased a PA-850 from the market place that I am trying to license. However, it seems I will have to go through the Secondary Market Policy. I am finding it difficult to register this device. Please advise on what l have to do.

Resolved! Upgrade of software

Good day

I am presently on Panos 11.0.1-h2 for over a year. What is the upgrade path so that I can upgrade these firewalls to the latest version

S2S between PA3250 and Azure VPN Gateway -1 way traffic

HI everyone, for a long time we have had a functioning VPN gateway between our on premise 3250 and and Azure VPN Gateway.

Recently, we have observed that appear to be unable to send traffic from the PA side, to Azure. Including return traffic.

Here

...

Resolved! Azure SAML Authentication for Admin access - HA Pair - AZURE Enterprise APP ADMIN UI

We have been able to configure the ADMIN UI to use SAML auth on the primary firewall to leverage MFA. The problem is the secondary firewall has a different URL, of course, to access it. We tried creating a second ADMIN UI, but you cannot assign a sep

...

Discussions

Welcome to the Next-Generation Firewall Discussions!

Rules and Best Practices

Paloalto security Architect/Consultant - Advice

Resolved! Request for Free Trial Access to VM-Series Firewall and Integration Testing Support

SFP Compatible Matrix

Resolved! Monitoring VPN Tunnel Status with SNMP Trap

opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: unable to get local issuer certifi

Resolved! EDL Limit

DNS Servers Failure

DHCP configuration with ip 192.182.1.0/24 network

Chromium-based traffic issue

is there is a limit to nested app groups? (how many nested groups can be inside each other)

Resolved! User-ID showing "Invalid Agent version"

Licensing a Palo Alto device bought from a market place.

Resolved! Upgrade of software

S2S between PA3250 and Azure VPN Gateway -1 way traffic

Resolved! Azure SAML Authentication for Admin access - HA Pair - AZURE Enterprise APP ADMIN UI

Investigate Bandwidth utilization on Palo Alto Firewall

Reason: Authentication profile not found for the user

Downgrade the feature version from 11.1.4-h7 to 10.2.13-h10 in HA mode

Security Policy

Upgrade of software

Re: Microsoft WNS App ID

Re: Concerns of Firewall 5250 dropping packets and enabled DSRI (Disable Server Respponse Inspection) relieve issues for a few hours but came back

Re: PALOALTO NGFW HIP

Re: Software EOL 10.2

Firewall EDL URL Access Error Cortex XDR

Unlock your full community experience!

Rules and Best Practices

Resolved! Request for Free Trial Access to VM-Series Firewall and Integration Testing Support

Resolved! Monitoring VPN Tunnel Status with SNMP Trap

Resolved! EDL Limit

Resolved! User-ID showing "Invalid Agent version"

Resolved! Upgrade of software

Resolved! Azure SAML Authentication for Admin access - HA Pair - AZURE Enterprise APP ADMIN UI