This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4600 Views
  • 0 replies
  • 1 Likes

Palo Alto-certified SFP check

Hello,Normally we use the following commands to check an SFP by Palo Alto Certified or not. how system state filter sys.s1.p19.physys.s1.p19.phy: { 'link-partner': { }, 'media': SFP-Plus-Fiber, 'sfp': { 'connector': LC, 'encoding': Reserved, 'identifier': SFP, 'transceiver': 10000B-SR, 'vendor-name': OEM , 'vendor-part-number': PAN-SFP-PLUS-SR ...

PAN OS Issues with MPLS Link

We noticed that the customer’s environment had an upgrade of the PA-440 to PAN-OS 11.1.4-h1, but they experienced an MPLS link-down issue. The same issue was observed on the remaining four firewalls. After downgrading to PAN-OS 10.2.10, the MPLS link was working fine. Could you please confirm if this is a known bug?

problem in integration with clearpass XML API

while trying to integrate Aruba ClearPass with PA to send login info and user role to PA from ClearPass using XML API the following errors appears in ClearPass side, and no error appear from PA side unable to post request to PAN (IP address), error: (httpsession): unable to execute POST request url:xxxxxxxcontext deadline exceeded (Client Timeo...

Enhancing OT Network Security with a 2.5 DMZ:

In our OT network, we're considering adding a Level 2.5 DMZ to bolster security. This would serve as an additional layer of protection between the control systems (Level 2) and the enterprise network (Level 4).Specific Design:Level 2.5 DMZ: Host third-party servers and Engineering Workstations (EWS).Level 3.5 DMZ: Maintain existing role as a DMZ...

Norkk87 by L0 Member
  • 1379 Views
  • 0 replies
  • 0 Likes

How to configure GRE over Ipsec

Hi team, How to configure GRE over Ipsec between PaloAlto and cisco Router using ospf? I need sample document for configure? If anyone did it before please share... I checked whole live community but there have no exact configuration. Thanks Al Amin

Al-Amin by L2 Linker
  • 855 Views
  • 0 replies
  • 0 Likes

Unified Log Timeout Field

PA14010, PANOS 11.1.x. Have TCP and UDP idle timeouts configured for 900 seconds globally, and as high as 86400 for some applications. Development team would like to see when the firewall enforces timeouts, as they think the firewall is causing failures. The Unified log under Monitoring has a 'Timeout' field which never has data, even when we cr...

Paloalto FW HA(Active/Passive) OS Upgrade Procedure 10.1.X -> 11.1.X

HelloI have a question about upgrading the Palo Alto Fire Wall OS.From the 11.1.X version, we've seen that you can upgrade right away without a 10.2.X or 11.0.X install. ex) OS Upgrade(10.1.13-h1 -> 11.1.5)I ran the test on my Standalone firewall (10.1.13-h1) and verified that the upgrade was successful through 11.1.5 install after 11.1.0, 1...

sky95hhhh_0-1730177508043.png

PaloAlto Firewall and Cisco Expressway integration with NAT Reflection

In Cisco Expressway Series with Single NIC Deployment, the Cisco Expressway Core must be configured to point to the Fully Qualified Domain Name (FQDN) of the Cisco Expressway Edge, this FQDN must be resolved to the Public IP of Cisco Expressway Edge, instead of its private IP, this is one of the challenge in this type of deployment, because with...

rmeddane_0-1729974486754.png
rmeddane_1-1729974486755.png
rmeddane_2-1729974486757.png
rmeddane_3-1729974486758.png
rmeddane by L2 Linker
  • 2753 Views
  • 0 replies
  • 0 Likes

I need to upload response page

I am currently in the process of planning to upload a custom webpage to my Palo Alto device. However, I would like to automate this process through an API call. I have the HTML content for the webpage stored in a variable and I would like to upload it to the following path. Any references or suggestions in this regard would be greatly appreciate...

  • 1587 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks