This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4523 Views
  • 0 replies
  • 1 Likes

NTP Not synced but got time-learn in Logs

Hi Team, Ntp not synched but got initiate time-learn in logs.>show ntp ntp not synched, using local clock status : rejected reachable: yes authentication-type: none Have tried to set it to public server still the same. And also when try to set manually, it reset the time to the previous time. So is it sync or not sync I am getting time-le...

Design suggestion

Hi All, I'm from network team not Firewall team. Presently we have ASA FW which we are planning to replace with two Palo's. Presently we have one WAN link going to the FW and one link to LAN router. Now how to connect two Palo's when we have one WAN link This is what i thought of but in this i have a question that will the FW support Layer 3 p...

anee4285_1-1737725715924.png
anee4285_2-1737726251355.png
anee4285 by L0 Member
  • 892 Views
  • 2 replies
  • 0 Likes

PA 5250 Factory Reset failure

Hello, I wanted to reset a PA5250 via CLI. Nothing special. However, this was aborted at 0% with the message “Factory reset failed”. After the error, I am no longer able to access the CLI, as the message appears permanently as soon as I write something. Not even access to the maint works. Unfortunately I cannot open Case because Palo Alto no lon...

m.Barman by L1 Bithead
  • 1249 Views
  • 4 replies
  • 0 Likes

HA (active Passive) 10.1.X to 11.1.X upgrade path

Hi, I will upgrade a paranoma VM in 10.1.5 and a pair of managed firewalls in HA Active passive from the same verstion to 11.1.XThis guide indicates I need to go through every feature release when upgrading HA firewalls:"When upgrading HA firewalls across multiple feature PAN-OS releases, you must upgrade each HA peer to the same feature PAN-OS ...

IP List limitations

We would like to integrate with AbuseIPDB after seeing numerous global protect VPN logon failures. We've greatly slowed this process down but it was a manual process of pulling reports to a list and we have an EDL download this list on a regularly scheduled basis.Instead of a manual process, we were going to with Panorama API key and scripting ...

ksauer507 by L3 Networker
  • 1797 Views
  • 2 replies
  • 0 Likes

Shared Folder Credential Problem with NAT

Hi team, We have a problem with a shared folder, the problem is:Client 21.172 connects to 21.174 through a shared folder, without credentials.When NAT is activated, and the same shared folder is opened, it asks for credentials, and does not allow the connection. FW PAN: PAN-445 SO 11.1.4-h7 The Security Policy is configured any in services a...

Clientless VPN issues

The customer is experiencing issues with the clientless VPN on PAN-OS 11.1.5-h1. Previously, on version 11.1.3, it was working smoothly. The issue occurs when the customer tries to log in to the GlobalProtect portal—it redirects to the clientless VPN portal. However, this behavior was not observed on version 11.1.3, where it was functioning prop...

Service l3svc restarts in loop on PA-1410

Hello, In my new PA 1410 I've noticed that the l3svc service restarts in a loop.The PA-1410s are in version 11.1.4-h7I restarted the l3-service ( debug software restart process l3-service ) with no change. Also restarted the mgt plane (also the firewall) but I continue to see this in system log : 0 l3svc: Exited 4 times, waiting 210 seconds t...

Mamoudou by L2 Linker
  • 607 Views
  • 0 replies
  • 0 Likes

URL filtering response Page

Hi Friends, We have a requirement regarding the URL filtering response page. Currently, when a URL is blocked due to a predefined or custom URL category, the URL blocked response page is displayed. However, if the traffic is denied through the QUIC protocol, the predefined URL response page does not appear. Is it possible to display the URL fi...

Satyak by L3 Networker
  • 1080 Views
  • 1 replies
  • 0 Likes

Resolved! New error after power outage event: CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com

Maybe I'm just low on sleep, but something doesn't seem to be lining up here. Had a power outage over the weekend and am now getting these High severity system notifications from a PA440 about every 10 minutes. > CloudAuthService Server certificate validation failed. Dest Addr: license.api.paloaltonetworks.com, Reason: self signed certificate...

How to check temperature sensors from GUI

Hi, I was wondering if it is possible to check the temperature sensors of a Paloalto PA-220 firewall from the GUI. I have seen that it is possible to check via the CLI, but I do not have immediate access to the CLI and was wondering if it could be done through the GUI. Thank you in advance

GRC_INF by L0 Member
  • 1905 Views
  • 1 replies
  • 0 Likes

User-id agent Servicer connection using Kerberos

Hi Our Palo NGFW connects to AD servers using Kerberos as part of the user-id feature. We have received advisories from other networking partners that MS is applying a change in the way it enforces certificate based authentication - KB5014754. Does anyone know if or how this may affect the user-id authentication on the Palo? Any advice on how ...

Joe_Ng by L1 Bithead
  • 635 Views
  • 0 replies
  • 0 Likes
  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks