This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4591 Views
  • 0 replies
  • 1 Likes

issues with traffic passing through vWire

hi guys, i'm trying to set up a new Palo Alto firewall, a PA 440, for a customer. But they want minimal impact on their network and don't want to change anything, so i proposed setting up a vWire so they change nothing and can benefit from the inspection features of the new Palo box. pretty much here's how it kinda looks like: ISP Router --> ...

D.Sine by L1 Bithead
  • 1581 Views
  • 2 replies
  • 0 Likes

Failed to download due to Empty file returned by update server. Please try again later.

Failed to download due to Empty file returned by update server. Please try again later.HW : PA440sw 11.2.4-h1 seeig this error when trying to download 11.24h4 It worked on another firewall with same SW Tried with update server : updates.paloaltonetworks.com and us-static.updates.paloaltonetworks.com Nothing works, please help to fix the issue

GP VPN / Routing

Hi All, I have a question: So we have a Parent Company name A and we have an existing IP SEC S2S tunnel and we are forwarding the routes for Server and Voice. Now we have a new client on our Company, and that client consist of 3 users only. So, their work setup is hybrid. So our client users are located on Parent company site CH, JAPA...

weezy by L3 Networker
  • 661 Views
  • 0 replies
  • 0 Likes

Power Adapter and Cable for PA-460 Firewall

Hello, I would like to confirm the type of power adapter and cable used to power the PA-460 firewall. Specifically, I need to know the connector type on the AC side of the adapter and whether it uses an IEC-60320 C5 or a different standard. This information is crucial for connecting the device to a data center rack PDU with C13 outlets. Thank yo...

Errors and commit warnings after 11.1.2-h3 upgrade

Hi, If anyone could shed some light on the issue below, it would be greatly appreciated. Since upgrading my PA-440 to 11.1.2-h3 (preferred version), I am seeing the following two issues: 1. Every 5 minutes, there is a system log error:Failed to perform task resulting in connection timeout with WildFire Cloud wildfire.paloaltonetworks.com 2. Af...

GregorJus by L1 Bithead
  • 15107 Views
  • 10 replies
  • 4 Likes

HA Configurations in Strata Cloud Manager (SCM) with NGFW.

Good Day fellow techies I am writing this article because I was very confused at the SCM tech writing of the Admin Guide, in regards to HA. I REALLY tried to follow along with the steps, but could not understand. I think I am not the only one. So, in basic terms, create your folder structure as you would for NGFW FWs, that you will be manag...

SCantwell_0-1730985799439.png
SCantwell_1-1730984808101.png
SCantwell_2-1730984845856.png
SCantwell_3-1730984916648.png

The required '11.1.0' base image must be loaded before this image can be loaded

Hi Team, My Panorama device is currently on Software Version 11.0.5, and I am looking to upgrade to 11.1.4-h1. In Panorama, I navigate to Panorama > Software, and run 'Check Now' to refresh available updates. I can see that 11.0.0 (base) and 11.0.4-h2 (preferred) images are already downloaded (as well as 11.0.5 which is not a base or pref...

OKelly by L1 Bithead
  • 7715 Views
  • 4 replies
  • 3 Likes

Palo alto firewall incorrect time

Hi Everyone,PA-440 appliance running on 11.2.4 firmwareIs anyone experiencing issue in time being incorrect and keeps going back to wrong time and date?Already tried synching it on NTP server and it shows on CLI that it is synched and reachable however on GUI it still shows the incorrect time and date. Also tried manually set time and date on De...

RVizcarra by L4 Transporter
  • 1137 Views
  • 1 replies
  • 0 Likes

failed auth

2025-02-20 16:36:56.159 -0800 debug: pan_auth_cache_user_is_allowed(pan_auth_cache_allowlist_n_grp.c:789): user "jdelossantos" is NOT in allow list of auth prof/vsys "AD_AUTH/shared" (vsys in request "shared")2025-02-20 16:36:56.159 -0800 failed authentication for user 'jdelossantos'. Reason: User is not in allowlist. auth profile 'AD_AUTH', vsy...

Firewall with L2 Interfaces and dual uplinks to switch.

Question on L2 Interfaces and internal VLANs. We are connecting a 220R with all interfaces in L2. We have 2 gateway switches so this firewall with have dual uplinks (one to each GW). How do I apply a VLAN to these interfaces? Do I even need to? One some other deployments where we've had dual uplinks (but usually to the same switch, not sep...

jwill2 by L2 Linker
  • 1226 Views
  • 1 replies
  • 0 Likes

GW ARP reply..

From the tcpdump output, the device with the MAC address b4:0c:25:e0:40:10(FW being the GW) is repeatedly broadcasting ARP requests, asking for the MAC addresses of multiple IPs within the 10.248.8.x range. It is sending these requests to identify the MAC addresses of devices associated with those IP addresses. This is resulting connectivity iss...

MS Teams Aplication Performance Issue –Intermittently

Hi Team, We have received reports from three customers experiencing intermittent performance issues with the MS Teams application, specifically with audio and video not functioning properly. Troubleshooting Steps Performed (Palo Alto Firewall): ✔ Removed all security profiles from the policy✔ Configured QoS and assigned guaranteed bandwidth for ...

Resolved! ERROR DURING THE BOOT PROCESS( Suggest the resolution)

Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.29 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration fi...

  • 1586 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks