This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

Wildfire and Fileblocking

Hi Team, Want to understand how i can use WF and file blocking. Suppose if am using wildfire analysis and using a default policy application - any Filetypes - any Direction - both Analysis - Public-cloud and Using a File blocking profile as attached. and say i am downloading an executable file from Internet and it is not malicious -...

Resolved! BGP preventing your FW become a transit AS

HI all, basically same question of subject. I've configured a PA VM in a lab with his own AS number,but i'm struggling to find the way to prevent the FW being used by other BGP routers as AS transit,only advertise network i decide to advertise. Any idea,link or configuration to suggest? Thanks in advance! MG

MGMGMG by L1 Bithead
  • 2766 Views
  • 2 replies
  • 0 Likes

Resolved! DGA Threat Alert

First off, I am fairly new to Palo Alto firewalls. Yesterday we received a number of alerts over a one minute period related to a Domain Generation Algorithm threat. The source was an internal IP address, the destination was an external IP address. The action taken was sinkhole. The rule was DNS Forwarders. I don't fully understand what this i...

Dataplane Crashes on PanOS 10.2.2 when DNS-Servers not set

We've encountered an issue on PanOS 10.2.2 when DNS Servers are not set on the Management-Interface, the Dataplane crashes when jumping from the Panorama to the local context of the firewall. Older version of PanOS do not have this issue. Setting the DNS-Servers seems to resolve the problem. Looks like an issue with the name resolution and dnspr...

mattlede_0-1662715637110.png
mattlede by L1 Bithead
  • 2923 Views
  • 2 replies
  • 2 Likes

Getting errors While commiting the config from panorama to Palo-Alto

We have on-boarded new standalone firewall of model 410 to Panorama and tried to configure them via templates. In Template stack we have added FW template (as priority )+ global. and we are getting below error while commiting the configurations to firewall.devices -> localhost.localdomain -> template-stack -> FW_stack -> config ->...

Sujanya by L3 Networker
  • 2657 Views
  • 1 replies
  • 0 Likes

Resolved! TCP session timeout

Hello Team, Just a query - wanted to understand few things related to PA- sessions timeout. We have a server - which needs to connect to a specific port say 8xxx or 9xxx but unfortunately it requires connection to be established till more that 10 hours say 12 hours for example. So how can i achieve this ? 1. can i change global setting...

Best practice to unblock NUPKG

Looking for suggestions to unblock NUPKG files, as it is not a populated file (I already tried whitelisting the url it originates from): File Transfer Blocked The file you are trying to download or upload has been blocked in accordance with company policy. Please contact your system administrator if you believe this is an error. File name: Te...

Log Collector RAM

Hello! 🙂 Guys please advise:Could you tell me how to calculate used RAM memory? and how to check how much RAM memory has been installed. M-600 sw-version: 10.1.6 show system resources KiB Mem : 26297164+total, 2658524 free, 18238251+used, 77930608 buff/cache KiB Swap: 7996 total, 0 free, 7996 used. 75858352 avail Mem

bkunda by L0 Member
  • 1583 Views
  • 0 replies
  • 0 Likes

PA-5200 Series in-out latency

Hello Team, I have referred Datasheet and other documents related to 5200 series, but i cannot found any document which states the latency of firewall in-out I need to check what is the documented latency for 5200 series firewall. If anybody knows or can provide the link, will help. thanks

URL filtering issue

Hello All, I have a policy on palo as below: Source : A --> going to internet -- destination address --> any Application --> ssl service --> aplication default custome URL category -- > allowed google.com what would be allowed as per this policy 2nd scenario Source : A --> going to internet -- destination address -->...

Resolved! Permitted IP address for management interface could not access HTTPS or SSH

Hello PA team, I have configured permitted IP list for my management IP list and I am unable to access my firewall via GUI https or CLI - ssh. I have enabled - PING , HTTPS, SNMP, SSH on management interface. when i remove all permitted IP addresses then i am able to access - https ssh and able to ping as well. but when i add permitted I...

VLAN Interface, Zone and Security Rule

Hello guys. always thank you for very helpful advice. I have a question about VLAN Interface on Palo Alto Firewall. As you can see below pictures, I made VLAN Interface and L2 Security Zone.   also I created security rule which allow internal communication. but my customer said they cant communication even same zone. I wonder what is d...

스크린샷 2022-09-15 오후 1.29.17.png
스크린샷 2022-09-15 오후 1.29.24.png
스크린샷 2022-09-15 오후 1.29.48.png
스크린샷 2022-09-15 오후 1.30.14.png
  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks