This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4519 Views
  • 0 replies
  • 1 Likes

Resolved! Threat Prevention License for PAN OS upgrade

We have a PA-220 firewall and we are updrading the PAN OS from version 10.1.13 to version 10.2.0. When we try to update the following error appears: "Upgrading from 10.1.13 to 10.2.0 requires a content version of 8529 or greater and found 8408-6715". To solve this issue, we tried to install a more recent Applications and Threats content version....

PA-400 Check software not working

Hi, I have a standalone PA-440 device which I tried to check for upgrades to update its PANOS from 11.0.x releases to 11.1, but the check for updates never pulled any new updates from Palo Alto repositories, and all I am getting is an empty list. What I tried so far: I verified the connectivity to the Palo updates websites ( DNS and service ...

Resolved! [China] Can't get device certificate on PA440

Hi everyone, We are based in Shanghai and we encounter an issue to generate a device certificate. On the web interface, we don't have the "Get certificat" option And when i try to request via CLI, nothing happen with the cmd "request certificate fetch" and i have a invalid syntax with "request certificate fetch opt 'opt number'" Thank in a...

Sauneuf_0-1730856124382.png
Sauneuf_1-1730856248383.png
Sauneuf_2-1730856479672.png
Sauneuf by L0 Member
  • 1364 Views
  • 1 replies
  • 0 Likes

Palo Alto-certified SFP check

Hello,Normally we use the following commands to check an SFP by Palo Alto Certified or not. how system state filter sys.s1.p19.physys.s1.p19.phy: { 'link-partner': { }, 'media': SFP-Plus-Fiber, 'sfp': { 'connector': LC, 'encoding': Reserved, 'identifier': SFP, 'transceiver': 10000B-SR, 'vendor-name': OEM , 'vendor-part-number': PAN-SFP-PLUS-SR ...

PAN OS Issues with MPLS Link

We noticed that the customer’s environment had an upgrade of the PA-440 to PAN-OS 11.1.4-h1, but they experienced an MPLS link-down issue. The same issue was observed on the remaining four firewalls. After downgrading to PAN-OS 10.2.10, the MPLS link was working fine. Could you please confirm if this is a known bug?

problem in integration with clearpass XML API

while trying to integrate Aruba ClearPass with PA to send login info and user role to PA from ClearPass using XML API the following errors appears in ClearPass side, and no error appear from PA side unable to post request to PAN (IP address), error: (httpsession): unable to execute POST request url:xxxxxxxcontext deadline exceeded (Client Timeo...

Enhancing OT Network Security with a 2.5 DMZ:

In our OT network, we're considering adding a Level 2.5 DMZ to bolster security. This would serve as an additional layer of protection between the control systems (Level 2) and the enterprise network (Level 4).Specific Design:Level 2.5 DMZ: Host third-party servers and Engineering Workstations (EWS).Level 3.5 DMZ: Maintain existing role as a DMZ...

Norkk87 by L0 Member
  • 1261 Views
  • 0 replies
  • 0 Likes

How to configure GRE over Ipsec

Hi team, How to configure GRE over Ipsec between PaloAlto and cisco Router using ospf? I need sample document for configure? If anyone did it before please share... I checked whole live community but there have no exact configuration. Thanks Al Amin

Al-Amin by L2 Linker
  • 803 Views
  • 0 replies
  • 0 Likes

Unified Log Timeout Field

PA14010, PANOS 11.1.x. Have TCP and UDP idle timeouts configured for 900 seconds globally, and as high as 86400 for some applications. Development team would like to see when the firewall enforces timeouts, as they think the firewall is causing failures. The Unified log under Monitoring has a 'Timeout' field which never has data, even when we cr...

  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks