This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4562 Views
  • 0 replies
  • 1 Likes

Resolved! Request for Free Trial Access to VM-Series Firewall and Integration Testing Support

I would like to request access to a free trial of the VM-Series Virtual Firewall for evaluation and integration testing purposes.Specifically, I am looking to:Deploy the VM-Series in a test environmentPerform basic functionality and integration validationTest log generation and forwarding (syslog, CEF, etc.)Please let me know the steps to obtain...

Resolved! Monitoring VPN Tunnel Status with SNMP Trap

Hello, I would like to use SNMP Trap to detect status changes of VPN tunnels in the PA series. Is it possible to detect VPN tunnels status changes with the following OIDs. panVPNTunnelStatusUpTrap: .1.3.6.1.4.1.25461.2.1.3.2.0.1746panVPNTunnelStatusDownTrap:.1.3.6.1.4.1.25461.2.1.3.2.0.1747 Product model:PA-220 PAN-OS version:10.2.11 B...

opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: unable to get local issuer certifi

Hi, we are getting the following 2 x alerts on the same firewalls, can you please let us know how this can be fixed - googled it but I couldn;'t find a fix:alert1:opaque: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: unable to get local issuer certificatedg_id: 0tpl_id: 0 alert2: loud...

qasim02 by L2 Linker
  • 1083 Views
  • 0 replies
  • 0 Likes

DNS Servers Failure

In the Palo Alto firewall, we are unable to reach the DNS servers. These servers are in the cloud and act as proxy servers as well as domain controllers. From our VMs, we are able to ping the DNS IPs successfully, but in the firewall session logs, it shows "resource unavailable." Note that the same configuration is working on another Palo Alto f...

pr45031 by L0 Member
  • 740 Views
  • 1 replies
  • 0 Likes

Chromium-based traffic issue

Hello Experts, Our client experienced a drop in internet traffic. After running tests, they detected that all traffic generated with Chromium-based browsers was being dropped by the firewall for some unknown reason. Other traffic generated by other browsers, such as Firefox or ICMP traffic, was not affected in the same way.We haven't determined ...

Resolved! User-ID showing "Invalid Agent version"

Windows server 2016 Pan-OS 11.1.6-h3 User-ID 11.0.2 I am burnt out tying to get this to run. I have ran though all the instructions 4 times now. I keep receiving an error when running "tail mp-log useridd.log" that ends in "Invalid Agent version" I've uninstalled/reinstalled, repaired, rebooted. made new certs signed by PA root CA I crea...

E.Burke by L1 Bithead
  • 1130 Views
  • 1 replies
  • 0 Likes

S2S between PA3250 and Azure VPN Gateway -1 way traffic

HI everyone, for a long time we have had a functioning VPN gateway between our on premise 3250 and and Azure VPN Gateway. Recently, we have observed that appear to be unable to send traffic from the PA side, to Azure. Including return traffic. Here's what I am observing. The Tunnel is up. When I send traffic from the Azure Side, I see it appe...

CyberEng by L2 Linker
  • 923 Views
  • 1 replies
  • 0 Likes

Resolved! Azure SAML Authentication for Admin access - HA Pair - AZURE Enterprise APP ADMIN UI

We have been able to configure the ADMIN UI to use SAML auth on the primary firewall to leverage MFA. The problem is the secondary firewall has a different URL, of course, to access it. We tried creating a second ADMIN UI, but you cannot assign a separate authentication profile to the two different management interfaces in a HA configuration. Ha...

Carleton by L3 Networker
  • 10723 Views
  • 9 replies
  • 1 Likes

RealNetworks RealPlayer MPG Width Integer Underflow Vulnerability - 91059

Hi Community, A MPEG file trying to sync on One Drive but is being blocked by Palo Alto. Here is the signature RealNetworks RealPlayer MPG Width Integer Underflow Vulnerability - 91059 being the reason. File is legit, what could be the reason of the block? The signature itself is based on an old CVE which has been resolved.

  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks