This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4508 Views
  • 0 replies
  • 1 Likes

PA dropping certain MSSQL EXEC statements for no apparent reason

Having a weird issue with a remote client connection to over VPN to multiple internal MSSQL servers. A particular SQL EXEC query packet is getting dropped in the middle of an SQL session. Security ruleset allows the communication under a VPN to TRUST mssql-db-unencrypted rule (made a separate test rule with explicit any/any allows and no filteri...

Firewall tries to close a BGP/TCP connection with switch

Hi, The following problem involves a firewall (10.249.0.13) wanting to close a BGP connection with its neighboring switch (10.249.0.14). The switch answers with a BGP NOTIFICATION message that contains 'No supported AFI/SAFI'. (separate issue) The firewall then sends a FIN to the switch to close the TCP connection. Follows a series of FIN ...

Upgrade 9.0 to 9.1 Question

I have two palo vm's (managed by panorama 10.1.3) in azure running 9.0.13 and I want to get them up to 9.1.14. I have a question regarding order of operations. Can I use Panorama to upgrade them directly from to 9.1.14 by downloading 9.1 and downloading and installing 9.1.14? Or do I have to install the 9.0.16 maintenance release before moving...

dac6d4 by L0 Member
  • 2510 Views
  • 1 replies
  • 0 Likes

Cloud NGFW for AWS billing issue

Hi All, I have subscribed Cloud NGFW for AWS service(Palo Alto firewall) from AWS marketplace and used it from a learning perspective. Now I'm getting a higher billing amount on the AWS billing dashboard. I raised a case with AWS for billing issue they suggest talking to Palo alto customer care support for the same. On Palo Alto portal i am no...

Resolved! Best Practice for Root CA Self Signed Cert on NGFW

I have a question regarding best practices for creating Root CA self-signed cert(s) on a NGFW. Should one single self-signed CA root cert be used as the root cert for ALL certificate chains for firewall services such as SSL Decryption, GlobalProtect portal, Gateway Certificates, etc, etc? So I guess there are two specific questions: 1) Is there...

Looking to switch to PAN for NGFW, need insight into IPS, reporting and analytics, network visibility, etc

Hey all, I work IT security for a SMB in the financial sector and I'm looking into PAN, FortiGate and Check Point for a better NGFW solution than what we currently have, which is Sonicwall. For about 6 years we've been using an NSA 3600 to cover our main company network and then a TZ500 to connect back to the main branch via point to point VPN a...

NGFW PALO ALTO and Azure VPN Ipsec Issue

Hi All, We had observed an issue with Palo Alto and Azure vWAN IPsec tunnel. the Tunnel seems disconnected and getting following log messages time and again.2022-03-07 11:48:14.506 -0600 [PWRN]: 50.100.100.100[500] - 152.100.101.105[500]:0x1c787140 unknown ikev2 peer2022-03-07 11:54:17.013 -0600 [PERR]: { 4: }: 50.100.100.100[500] - 152.152.152...

Intermittent random packet drops to/from NGFW

What seems to be out of the blue, with no configuration changes on our firewall(s), we began experiencing random periods of "network outages" on our main data center firewall. The symptoms are as follows:Our pingdom test to our OWA website shows as down (i.e. the web page hosted behind the firewall cannot be reached from the internet)Users conne...

JPhilip by L1 Bithead
  • 18022 Views
  • 6 replies
  • 0 Likes

Resolved! FlexVM Licensing with Software NGFW Credits

Hi all, As you probably know, paloalto recently changed the licensing of VM firewalls. With greater flexibility (and higher licensing costs), there is now also the possibility to increase only the RAM for such a VM firewall which results in higher capacity for rules, zones, concurrent sessions. Some of the specs which change with a different mem...

Remo by L7 Applicator
  • 13125 Views
  • 9 replies
  • 1 Likes

Can't get support for NGFW credits

We purchased NGFW credits but haven't received any activation e-mail. We can't open a support case through the portal as we don't have an asset to open the case against in our account. There's supposedly an open support case button on LIVEcommunity but I can't find it. Phone support doesn't recognize the serial number received from orders@paloal...

mkaufman by L0 Member
  • 3000 Views
  • 1 replies
  • 0 Likes
  • 1794 Posts
  • 60 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks