This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

LSVPN Portal connection Failed

Hi We have around 500 sites and most of them are connected via LSVPN and a Site-2-Site VPN for backup. At somepoint the username for the portal connection has been changed which means all off the sites that are connected via LSVPN report that they have failed to connect to the portal. My question is, if the NGF fails the Portal connection a...

R.Moth by L0 Member
  • 598 Views
  • 1 replies
  • 0 Likes

VM firewalls can not join VM panorama all hosted in AWS cloud

Hello Team, We are having an issue connecting palo-alto VM firewalls in AWS to the panorama hosted in AWS as well. connectivity is successful between the firewall and panorama and we are using management port for this traffic. we ran below command show netstat all yes numeric-hosts yes numeric-ports yes | match IP and found the state established...

palocomunitypanorama.PNG
Jagdeep1 by L2 Linker
  • 1295 Views
  • 4 replies
  • 0 Likes

Resolved! Public Website IPs that is not a part of the address object group specified in destination is being blocked by Deny security policy

Hi Team, I’m experiencing an unusual issue with my Palo Alto firewall. This problem started about a week ago. Prior to that, the website in question was functioning properly and being handled by the appropriate security policy. Currently, a public website is being blocked by a specific security policy in the firewall. Upon reviewing this polic...

Resolved! Security Policy

I recently created a new security policy to see how many hits are from a specific application. The rule is "IN-OUT-APP-BLOCK1". It is Sourcing from my INSIDE ZONE from ANY IP address. The Destination is the OUTSIDE ZONE to ANY IP address. It has 'irc' set as the application, no service, and ALLOWED action. Pretty simple rule. The rule has a ...

dworakj by L1 Bithead
  • 1571 Views
  • 6 replies
  • 0 Likes

Firewall EDL URL Access Error Cortex XDR

Dear Everyone, I would like to seek for advise regarding to Firewall EDL access Source of Cortex XDR. I have following the guide https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-3.x-Documentation/Manage-external-dynamic-lists. However, I facing the issue after configure EDL, the URL Access Errror. ++Enable EDL on Cortex: ...

SopanhaRoth_0-1752827385810.png
SopanhaRoth_1-1752827427425.png
SopanhaRoth_2-1752827482780.png
SopanhaRoth_3-1752827541398.png

Palo Alto Networks PSE Hardware Firewall Professional (Strata)

Dears,I'm Paloalto partner and in order to go for next level I need to take this exam Palo Alto Networks PSE Hardware Firewall Professional (Strata), I'm looking for any study materials from those who took this certificate before.also I tried to use the codes in the certificate datasheet which isPSE-PAC-2024, PSE-OP-2024 but I coudn't find the e...

PaloAlto PSE Cer.jpg

Resolved! Newbie Initial Setup Question

Good morning,New to PA but have configured Fortinet, Meraki, Unifi firewalls so not a complete novice. I have a PA410 trying to setup on my home lab for testing prior to deployment. Connection path to Internet as follows: PA410 ----- L2 GBe Switch ----- Unifi Dream Machine (DHCP) ----- Fibre Internet After powering on, I set it to boot in stan...

paul by L0 Member
  • 1717 Views
  • 2 replies
  • 0 Likes

KAKAO TALK APP issue

Hi All, Does anyone here encountered an issue on kakao talk app? A south Korean messaging app. We have south korean users on our malaysia site that uses this app. When the user tries to login using their own hotspot they can connect without any issues, but when user is connected on our wifi, the user tries to login and was getting an error 5...

weezy_0-1755758050671.png
weezy_1-1755758329477.png
weezy by L3 Networker
  • 3242 Views
  • 3 replies
  • 0 Likes

Upgrade Palo Alto

Hello, I have Palo Alto with current version 10.2.7-h3 that is HA and would like to upgrade to version 11.1.4.h18.I am looking for an official Palo Alto link that describes the required upgrade paths (for example: from 10.2 to 11.0, then from 11.1 to 11.1.4, etc.).I would like to share this link with my manager. I found one link, but it does not...

CPU & memory utilization (PA-820 migrate to PA-455/PA-460)

Hi team, There is one customer currently using PA-820 firewall and planning for replacement. We proposed them to go with PA-1410 but seems way exceeded client’s budget. They planned to go with either PA-455 or PA-460, since no fiber port required and the performance complies the requirement. However, they need confirmation as below: Does ...

nuranisnadiah_0-1758612104426.png
nuranisnadiah_1-1758612104427.png
nuranisnadiah_2-1758612700730.png

Authentication Error occurring creating new Super User

Hi Team, we are unable to add a local admin (Super Admin) on the firewall. We are encountering the following error: "Auth Fail - Reason: Authentication profile not found for the user." Please note that the authentication profile is set to "None", as this is a local admin account. Model :- PA 440 Software version :- 11.1.10-h1 Kindly assist i...

FTP Evasion Detection (id:30401)

Could anyone help to explain what this threat is? FTP evasion detection (id:30401)I found this threat in the log, also checked the logs in FTP server, but don't get it. here is the log from the source IP of this threat in FTP server (Microsoft IIS FTP). 2025-09-16 04:43:54 8.34.210.54 - 10.10.10.31 21 ControlChannelOpened - - 0 0 8bb7b510-d8db-4...

YanQian by L1 Bithead
  • 437 Views
  • 0 replies
  • 0 Likes

SSH Proxy Decryption issue

On the PA-440 firewall, I created a decryption policy for SSH Proxy (LAN to WAN zone). When I initiate an SSH session to the same firewall’s management IP (192.168.29.25), decryption does not occur, as seen in the traffic logs. However, when connecting to another firewall’s management IP (192.168.29.206), decryption is successful. Both traffic i...

  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks