This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4600 Views
  • 0 replies
  • 1 Likes

Authentication Error occurring creating new Super User

Hi Team, we are unable to add a local admin (Super Admin) on the firewall. We are encountering the following error: "Auth Fail - Reason: Authentication profile not found for the user." Please note that the authentication profile is set to "None", as this is a local admin account. Model :- PA 440 Software version :- 11.1.10-h1 Kindly assist i...

FTP Evasion Detection (id:30401)

Could anyone help to explain what this threat is? FTP evasion detection (id:30401)I found this threat in the log, also checked the logs in FTP server, but don't get it. here is the log from the source IP of this threat in FTP server (Microsoft IIS FTP). 2025-09-16 04:43:54 8.34.210.54 - 10.10.10.31 21 ControlChannelOpened - - 0 0 8bb7b510-d8db-4...

YanQian by L1 Bithead
  • 491 Views
  • 0 replies
  • 0 Likes

SSH Proxy Decryption issue

On the PA-440 firewall, I created a decryption policy for SSH Proxy (LAN to WAN zone). When I initiate an SSH session to the same firewall’s management IP (192.168.29.25), decryption does not occur, as seen in the traffic logs. However, when connecting to another firewall’s management IP (192.168.29.206), decryption is successful. Both traffic i...

SCM management routing mode change failed

Hi, I’m trying to manage PA-460 from SCM, but I still get error, even after a factory reset. The firewall still disconnects and cannot complete bootsrap process, but SCM receive telemetry data. I also try to change [routing mode] to advanced routing, same result. PAN OS version is 11.1.6-h3 (preferred) Strata cloud management essential No str...

JTurcotte_0-1745857522021.png
JTurcotte_1-1745857534120.png

How to configure pool.ntp.org or us.pool.ntp.org as ntp server

I configured them both using fqdn on the security policy with source as firewall management interface but ntp status shows rejected. How do I fix this. Please helpAll services to the internet use management interfaceDNS configured 1.1.1.1 and 8.8.8.8Firewall can ping 1.1.1.1 and 8.8.8.8Allowed application ntp and ntp baseI checked the monitor t...

NGFW Saas Azure Logging

I have deployed the NGFW in Azure in a vnet. We had to redeploy due to a spelling error now we cannot set up the logging . We enable logs and save to a log analytics workspace. Acts like it is going to save but does not . Error provided . Error reading Log settings for firewall name xxxxxxxxx. Exception : Exception of type 'Microsoft.Liftr.PAN.S...

Unable to Ping Palo Alto Interface – Connectivity Appears One-Sided

We are working with a client who has a network setup where a Palo Alto firewall is connected to a Check Point firewall. The client reports that they are unable to ping the IP address of the Palo Alto firewall's interface ethernet1/8.Troubleshooting Steps Performed:Initial Test Between Firewalls:The Palo Alto firewall is connected to the Check Po...

Terminal server from a single IP address, the firewall cannot distinguish which user generated which traffic!

When multiple users access a terminal server from a single IP address, the firewall cannot distinguish which user generated which traffic. The firewall maps the IP address to only one user. After research, I resolved this issue with TSA, but I wanted to know if it's possible to determine which user actually owned the traffic from the past, bef...

Custom Report Query 질문

When I search for "name-of-treatid contains 'Command and Control'" in the Threat Log, I get logs that contain that string in the Threat ID/NAME field. To save this log in PDF format, I selected only the desired fields from the Custom Report menu and used the same query to filter it. However, instead of finding logs that contain "Command and Cont...

Threat로그에서는 먹힘.png
커스텀리포트 필터.png
커스텀리포트 필터 안먹힘.png

Audit Logs Not Showing Committed Versions

Hi Community, We're currently experiencing an issue on our Palo Alto Networks 34xx Series firewall with Multi-VSYS enabled. Issue:The Audit Logs are only showing the backed-up versions rather than the committed versions. We are unable to track which configuration version was committed via the audit logs, which is critical for our change tracking...

How to backup and restore from PA3220 to PA1420 for a Global Protect Portal & Gateway

Hi, I have been doing researching for how to migrate from old palo alto firewall model to new. Seem like it will working if using configuration snapshot xml file from old model and restore on the new model and the old & new model is similar. However, I read the kb from https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000...

JLowZheTing_0-1757646337335.png

NPN Incident - Suggest a "software repository" URL Category?

Hi! I've been investigating the NPN supply chain attack here, one strand of which was looking at servers who had fetched from the repository using URL filtering. Our servers _alert_ on "computers-and-internet-info" (which registry.npmjs.org is categorised as) but client devices don't. And it occurred to me that if registry.npmjs.org was cate...

URL Filtering: Categories for Suicide Promotion/Self-Harm Promotion

Hi! Unless I've been dumb enough to miss them, the Palo Alto URL filtering database lacks a category for suicide/self-harm promotion sites. I've now been asked for a second time if we could block such sites. As a higher education institute, we're really rather interested in such blocking such categories - who knows? It may be the tipping point...

  • 1587 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks