Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Using NAT64 to reach overlapping ipv4 networks

Hello!

My problem is a little more complex than the scenario below, but I'm trying to keep it simple.

Let's say I have a machine "v6client" on an IPv6-only network with IP 2001:db8::10. It's directly connected to an interface in virtual router vr

...

Any good way to block DeepSeek by PaloAlto Firewall(PA-820)

Could you tell me a good method to block DeepSeek ? Thank you very much.

Resolved! Pan-OS 10.2.13-h4 known issues

Hello everyone,

Can I ask if anyone already installed Pan-OS 10.2.13-h4 on their firewalls? Any issues with this hotfix?

I am hesitant to install it after reading reddit comments about the 10.2.13-h3 and how it breaks IPv6.

Source account mapped

Hi All,

We have purchased an Palo alto 220 series firewall however while registering the devices we are getting an attach error. Can someone help me to identify how can i know where my device has been mapped.

Download PAN OS 9.1.16-h5 for PA-3020 FW

How to Download PAN OS 9.1.16-h5 for PA-3020 FW as it is reached end of life.. unable to find the PA 3020 firewall software updates in suport portal.

GlobalProtect enforcer exceptions not staying in registry

We have GlobalProtect with "Enforce GlobalProtect" enabled and a set of IP and FQDN exclusions. Additionally, the captive portal exception timeout is configured to 900 seconds. However, we’ve encountered an issue when users are connected to GlobalPro

...

Resolved! PA-440 logging tab emtpy

Hi there,

just got my new HA pair of two PA-440's up and running. I noticed a strange thing, the logging tab is empty, what's the cause of this?

Btw, the cli shows logs via "show log traffic direction equal backward dst in x.x.x.x"

Thx

Daniel

Zone protection question

Hi Team,

I’d like to add an IP to be exempted from zone protection. Is this possible on the firewall?

How we can achive this please suggest

Resolved! Bi-direction Nat logic

hi I have configured a static bidirection NAT which is Trust to Untrust source address 10.149.192.32 destination 10.90.129.51 service any source translation 200.22.1.32 and turned the bi-directional: yes.

I have the security policy any and routing 10

...

Resolved! Two PA-440 - Need PANOS Update for Lab

Bought two 440's second hand before knowing about updates etc.

Starting a small business and these will be used for proof of concept/demo's etc.

Without a partner, what is the most cost effective way we get updates to get started?

Resolved! Deepseek addition to artificial-intelligence subcategory ETA?

Do we have a known ETA of when we can expect DeepSeek to be added to the artificial-intelligence subcategory?

With the rapid developments in Washington and other nations having that visibility without custom filters would be wonderful!

NGFW

issues with traffic passing through vWire

hi guys, i'm trying to set up a new Palo Alto firewall, a PA 440, for a customer. But they want minimal impact on their network and don't want to change anything, so i proposed setting up a vWire so they change nothing and can benefit from the inspec

...

Failed to download due to Empty file returned by update server. Please try again later.

HW : PA440

sw 11.2.4-h1 seeig this error when trying to download 11.24h4

It worked on another firewall with same SW Tried with update server :

updates.paloaltonetwo

...

GP VPN / Routing

Hi All,

I have a question:

So we have a Parent Company name A and we have an existing IP SEC S2S tunnel and we are forwarding the routes for Server and Voice.

Now we have a new client on our Company, and that client consist of 3 users only

...

Power Adapter and Cable for PA-460 Firewall

Hello,

I would like to confirm the type of power adapter and cable used to power the PA-460 firewall. Specifically, I need to know the connector type on the AC side of the adapter and whether it uses an IEC-60320 C5 or a different standard. This info

...

Discussions

Welcome to the Next-Generation Firewall Discussions!

Rules and Best Practices

Using NAT64 to reach overlapping ipv4 networks

Any good way to block DeepSeek by PaloAlto Firewall(PA-820)

Resolved! Pan-OS 10.2.13-h4 known issues

Source account mapped

Download PAN OS 9.1.16-h5 for PA-3020 FW

GlobalProtect enforcer exceptions not staying in registry

Resolved! PA-440 logging tab emtpy

Zone protection question

Resolved! Bi-direction Nat logic

Resolved! Two PA-440 - Need PANOS Update for Lab

Resolved! Deepseek addition to artificial-intelligence subcategory ETA?

issues with traffic passing through vWire

Failed to download due to Empty file returned by update server. Please try again later.

GP VPN / Routing

Power Adapter and Cable for PA-460 Firewall

High availability system alarms

diable cortex xdr agent

DNS-Sinkhole Injection

Move license between active NGFW

Newbie Initial Setup Question

Duplicate DNS packets

LACP Features on Palo Alto Firewall

OSPF & Static Routes

Link and traffic priority on palo alto

Re: DNS-Sinkhole Injection

Unlock your full community experience!

Rules and Best Practices

Resolved! Pan-OS 10.2.13-h4 known issues

Resolved! PA-440 logging tab emtpy

Resolved! Bi-direction Nat logic

Resolved! Two PA-440 - Need PANOS Update for Lab

Resolved! Deepseek addition to artificial-intelligence subcategory ETA?