This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

Windows-Update configuration PA-1410

Hello, I have a Microsoft Configuration Manager Current Branch 2403.It uses WSUS to get updates catalogs and download them. The server itself has its own way to retrive updates, it does not go via WSUS. Does anyone know how to configure this? I've used this website to configure a url category "windows update": https://learn.microsoft.com/fr-fr/...

Security Policy for SSL & Web-Browsing only

Hi, I was wondering, is it bad practice to create a security policy with only the applications SSL & Web-Browsing in it? Ensuring best practice security profiles are on the policy as well. I've tried searching the web for suggestions and might be missing it. If someone can point me in the right direction?

ArthurAT by L1 Bithead
  • 1128 Views
  • 2 replies
  • 0 Likes

Resolved! BGP on 3220 series

hello all I am working on a BGP configuration on a HA 3220 series install the BGP status is staying at connect not establish I enabled BGP on the IP addresses inbound /outbound -- no hits on the policy Q are there show commands or debugs that can help me determine what the issue is ? many thanks

S.Byrne by L3 Networker
  • 1560 Views
  • 2 replies
  • 0 Likes

About Correlation Object Detection

Attention: JAPAC TPM team I would like to know the following about Correlation Object (Beacon Detection) event generation.We recognize that Beacon Detection defines how many times a malicious activity (e.g. access to threat URL) in a given period of time from the following descriptions.[Correlation Object]https://docs.paloaltonetworks.com/pan-...

Ikev2 site to site vpn between pa and cisco asa

temporary security measures for all users.msdphiMessagesNotifications(English) USAGet StartedDiscussionsBlogsArticlesProductsToolsEducation ServicesMember RecognitionPodcastsCustomerPartnerEmployeeikev2 site to site VPN between PA and ASASearch this contentPanorama Dikev2 site to site VPN between PAHi All, I have a site to site VPN configured to...

msdphi by L2 Linker
  • 796 Views
  • 0 replies
  • 0 Likes

Agentless User-ID issue problem - AD Local Security Policy incompatibility

Hi, I was trying to set up an agentless User-ID configuration when I ran into this issue: my AD Local Security Policy has deny log on locally for Event Log Readers and Distributed COM users set up. For company security reasons, I cannot change this policy. What I want to know is if there's any other way I can set User-ID synchronization to avoid...

mR00t_s5 by L2 Linker
  • 1180 Views
  • 2 replies
  • 0 Likes

Migration to PAN from Cisco

Hello everyone,I am newbie to PAN Firewall. Sorry that I haven't got much experience on Firewalls.Currently we are in the middle of the migration as from the Cisco ASA with Firepower into PAN 1400 series. Have done some NATs and Security Policies migrations.The existing Cisco environment is with two Contexts and some experts assisted us to creat...

The difference between the values ​​shown in ACC and Live Session is too large.

Hi I recently discovered something strange while checking a customer's firewall. The customer firewall's session count typically has a count around 1.5 million. But the firewall ACC shows a figure of 4 million I know that ACC is not a real live count and therefore does not completely match the value shown in the CLI or Dashboard. But this ha...

PAN OS 11.1.4 h1 issues

The customer upgraded the PAN-OS to version 11.1.4-h1, but their MPLS link is down, similar to an interface port issue. The same problem occurred with versions 11.0.0 and 11.1.0, but on version 10.2.10, the MPLS link worked fine. The customer has manually set the link speed to 100 Mbps or higher, and it worked correctly, but when set to 'auto,' ...

Where to add Proxy ID with multiple tunnels?

Hey all, We have 3 firewalls: C1 = Cisco FW - Policy based S2S VPN -- subnet behind it 10.1.0.0/24 P2 = Palo FW - Route based S2S VPN -- subnet behind it 172.16.50.0/24 C3 = Cisco FW - Policy based S2S VPN -- subnet behind it 192.168.20.0/24 We have S2S tunnels as: C1 <---- tunnel.1---> P2 <-----tunnel.2-----> C3 Proxy ID on P2 are...

  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks