This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4560 Views
  • 0 replies
  • 1 Likes

Terminal server from a single IP address, the firewall cannot distinguish which user generated which traffic!

When multiple users access a terminal server from a single IP address, the firewall cannot distinguish which user generated which traffic. The firewall maps the IP address to only one user. After research, I resolved this issue with TSA, but I wanted to know if it's possible to determine which user actually owned the traffic from the past, bef...

Custom Report Query 질문

When I search for "name-of-treatid contains 'Command and Control'" in the Threat Log, I get logs that contain that string in the Threat ID/NAME field. To save this log in PDF format, I selected only the desired fields from the Custom Report menu and used the same query to filter it. However, instead of finding logs that contain "Command and Cont...

Threat로그에서는 먹힘.png
커스텀리포트 필터.png
커스텀리포트 필터 안먹힘.png

Audit Logs Not Showing Committed Versions

Hi Community, We're currently experiencing an issue on our Palo Alto Networks 34xx Series firewall with Multi-VSYS enabled. Issue:The Audit Logs are only showing the backed-up versions rather than the committed versions. We are unable to track which configuration version was committed via the audit logs, which is critical for our change tracking...

How to backup and restore from PA3220 to PA1420 for a Global Protect Portal & Gateway

Hi, I have been doing researching for how to migrate from old palo alto firewall model to new. Seem like it will working if using configuration snapshot xml file from old model and restore on the new model and the old & new model is similar. However, I read the kb from https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000...

JLowZheTing_0-1757646337335.png

NPN Incident - Suggest a "software repository" URL Category?

Hi! I've been investigating the NPN supply chain attack here, one strand of which was looking at servers who had fetched from the repository using URL filtering. Our servers _alert_ on "computers-and-internet-info" (which registry.npmjs.org is categorised as) but client devices don't. And it occurred to me that if registry.npmjs.org was cate...

URL Filtering: Categories for Suicide Promotion/Self-Harm Promotion

Hi! Unless I've been dumb enough to miss them, the Palo Alto URL filtering database lacks a category for suicide/self-harm promotion sites. I've now been asked for a second time if we could block such sites. As a higher education institute, we're really rather interested in such blocking such categories - who knows? It may be the tipping point...

Microsoft WNS App ID

I work with a network scenario where we have two firewall towards the internet and the desktop PCs are behind PaloAlto as perimeter and Cisco as internal firewall, so we can compare the same traffic whether it is identified properly or not. It seems that PaloAlto has some problem identifying traffic from Windows Push Notification Service. Not ...

PAN-OS 11 GUI Responsiveness - PA-1410

We have some new PA-1410's which are to replace some older oversized PA-3220's. The downsize is the PA-1400 series require us to use PAN-OS 11. Even with minimal out of the box config (management IP etc) the web UI on both units is very slow and unresponsive. At times the web GUI fails to load at all and needs several refreshes. A restart help...

Resolved! Investigate Bandwidth utilization on Palo Alto Firewall

In Palo Alto, we are facing an issue where when our office is open, our bandwidth graph reaches its maximum, and when the office is closed, the bandwidth graph is down. We need to verify which IP address on the LAN network is creating this cause. LAN network connected to Palo Alto firewall, and DHCP is configured

Tunnel Traffic from ISP2 IP Working Despite Default Route on ISP1 – Need Insights?

Hi Team, 🔁 Scenario Summary for Asymmetric routing Primary ISP (ISP1): Default route with lower metric (10), so all traffic prefers this path.Secondary ISP (ISP2): In Firewall, I manually initiate traffic using ping source <ISP2 IP> host 8.8.8.8.Routing Table: Since 8.8.8.8 is unknown, the firewall uses the default route — which points ...

Resolved! PALOALTO NGFW HIP

Hi,I need help with configuring Host Information Profiles (HIP) using device attributes such as MAC address, serial number, or host ID. When creating a HIP object with these attributes, where should I add the list of devices so they are recognized by the firewall?Thanks,

OrkhanM by L1 Bithead
  • 1467 Views
  • 4 replies
  • 0 Likes

Dynamic IP at Spoke site in PAN-OS SD-WAN Hub/Spoke topology

HiI am new to PAN-OS SD-WAN and need to clarify Internet service requirement at new spoke site. My client has PAN-OS SD-WAN hub-and-spoke topology, the hub PA firewall has a static public IP for its internet service.All spoke PA firewalls also use static public IPs, but we now will have a new spoke with a dynamic public IP. I am hoping to confir...

Bootstrap 4.3 reaching EOS

Hello community, we have been informed that Bootstrap 4 is reaching EOS and this could cause a vulnerability, and I would like to know if there is any information about which firmware version uses this ? Is it a real potential threat? Thanks in advance!

Concerns of Firewall 5250 dropping packets and enabled DSRI (Disable Server Respponse Inspection) relieve issues for a few hours but came back

Good evening, Working with one of the top Microsoft engineers today who performed numerous wireshark traces regarding huge concerns that Palo Alto Firewall 5250 firewall was dropping packets. Identified exact time and sequence as well as size of packets and sequence being lost in transit. Noticed over tens of thousands of these re-transmits ...

wechang by L0 Member
  • 1087 Views
  • 2 replies
  • 0 Likes
  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks