Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

Need sample logs for all Next Generation Firewall log events for Integration Testing

Hi team,I'm currently working on integrating log analysis and would like to collect sample log events for all Next Generation Firewall log event typesIs there a way to access a reference dataset or sample payloads for each log event type for testing and validation purposes?Thanks in advance!

Hardware firewall, cant find the CPU "data, and mgmt plane" logs

Hello Team, I am trying to navigate in the system logs to find the data and mgt plane, and memory utilization but I cant find any. I have Panorama as syslog and I can find the resources utilization logs received in the panorama, but cant find them in the firewall it self. - How to find these resources utilization logs? - Is it p...

"LAN" and "WAN" interfaces for the Palo Alto Networks Cloud NGFW SaaS offering within Azure Virtual WAN

Hello Team,We are in the process of switching over from VM-Series PA to PA SaaS within Azure vWAN. Palo Alto VM-Series firewall, we explicitly created and configured LAN and WAN, however for PA SaaS within Azure vWAN is there a need to create? We also cannot create a new VNET/Subnet in Azure vWAN to associate it with the interfaces, so how doe...

Added field name in Threat log of PAN-OS 11.2

Hi, The below field name in Threat log of PAN-OS 11.2 was added.----additional_headersLocal Deep Learning Analyzedsaas_sidsaas_sidxsaas_typesaas_usersaas_tenantK8S Cluster ID---- However, I found no information about these field name.What are the values of these field name? BR,MasaW

Palo alto high avaialability

Hi All, I have configure HA between palo alto devices and integrated with Panaroma. However Ha managebility been through locally from FW only. Now need to manage HA from panaroma,. Need to know what will be impact here

No policy recommendation for IoT

I have my firewall (PA-440) licensed with an IoT security license. The IoT security portal is working great and recognizing devices in my network. But I have a problem: I don't know why, when I go to the policy recommendation for IoT, the profiles from the security portal don't appear, even though the portal recognizes the firewall and the devic...

How to change the password of the local firewall managed by Panorama.

Hello team:To change the password of an administrator user on local FWS managed by Panorama.Since they are changed locally and via CLI, the changes aren't accepted.Regards. Panorama

BGP configuration help

I'm trying to set up BGP over an IPSEC tunnel between a Palo Alto firewall and a Cisco device. The Cisco side will advertise 190 prefixes via BGP to Palo Alto. I want to send traffic to those prefixes, but without manually creating address object groups.How should I configure the Security Policy and NAT Policy rules to allow traffic to those pre...

how to disable the sequence check when downloading PANOS version via Ansible

playbook - hosts: "xxxxx" connection: local vars: device: ip_address: '{{ ansible_host }}' username: '{{ ansible_user }}' password: '{{ ansible_password }}' version: 11.1.0 tasks: - name: Download PAN-OS version paloaltonetworks.panos.panos_software: provider: '{{ device }}' version: ...

Sales Product Specialist - Hardware Firewall

Hi,I have completed the 20 modules under Sales Product Specialist - Hardware Firewall ; However, I'm unable to find the link to download the completion certificate. Can anyone help me.

Resolved! Scheduled Reports are blank and not running automatically overnight

Hello, model: pa-415 os version: 11.2.4-h7 This firewall is in FIPS mode. Scheduled reports are not running overnight, do not see any data on the PDF reports generated. However, I can see the data, and this works fine when manually generated. Has anyone faced this same issue?

restore xml PAN - 440 to PAN -1420

Can I restore an xml backup from a 440 to a 1420 palo alto?

Cloudflare fronted websites breaking geo location restrictions!

Like many of you, I default block outbound traffic to sites not located in my country. It seems that Cloudflare has started to send traffic to their proxies located in foreign countries. This is causing our users to get blocked. I can add the web site to our list of internationally allowed web sites, but we have had several instances of this hap...

eBGP peering over IPSec Tunnel using loopback

Can someone help me with steps to configure eBGP peering over IPSec tunnel on PA Firewall. For both eBGP peering and IPSec tunnels, same PA FW loopback address was used. Thank you.

Asymmetric routing assistance

I have a Meraki that has a SVI for vlan 5, 172.18.5.2 and it's trunk to a firewall that also has an SVI for vlan 5 172.18.5.1. There is a default route from Meraki pointing to 172.18.100.1 which is on the firewall. Meraki has an SVI 172.18.2.1. Server 172.18.5.76 is unable to reach IDRAC 172.18.2.75 via https though ANY is allowed on firewall. I...

Discussions

Welcome to the Next-Generation Firewall Discussions!

Need sample logs for all Next Generation Firewall log events for Integration Testing

Hardware firewall, cant find the CPU "data, and mgmt plane" logs

"LAN" and "WAN" interfaces for the Palo Alto Networks Cloud NGFW SaaS offering within Azure Virtual WAN

Added field name in Threat log of PAN-OS 11.2

Palo alto high avaialability

No policy recommendation for IoT

How to change the password of the local firewall managed by Panorama.

BGP configuration help

how to disable the sequence check when downloading PANOS version via Ansible

Sales Product Specialist - Hardware Firewall

Resolved! Scheduled Reports are blank and not running automatically overnight

restore xml PAN - 440 to PAN -1420

Cloudflare fronted websites breaking geo location restrictions!

eBGP peering over IPSec Tunnel using loopback

Asymmetric routing assistance

basic network, complex problem (please help)

Traffic log action shows allow but session end shows threat

NFR & LAB

MiMi Chat Application Classification

Lab firewall

Re: Is there a way to configure Pan-OS to integrate with an ACME server for certificate enrollment?

Re: Is there a way to configure Pan-OS to integrate with an ACME server for certificate enrollment?

Re: Delaying upgrade between an HA pair

[FIREWALL] - Commit Issue

OSPF process crashes after manual HA Failover

Unlock your full community experience!

Resolved! Scheduled Reports are blank and not running automatically overnight