This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4517 Views
  • 0 replies
  • 1 Likes

CPU issues on PA-3410

Hi Team, Need some help with respect to below query: Issue - We are using PA-3410 in our environment. We are monitoring this device using Logic Monitor tool. Our monitoring team states that they monitors CPU and memory utilization for Palo Alto devices using the “show system resources” command using API key instead of using SNMP OID. Our mon...

SSL policy rule and needed match application values

Hello, I have a quick question in regards to SSL decryption and policy match values. If I have SSL decryption, and I want to allow 'facebook-chat' for example, I know a policy rule with the app facebook-chat and it's dependencies 'facebook-base,mqtt-base' is needed. I also understand that the implicit use applications will be allowed through t...

Punite by L1 Bithead
  • 726 Views
  • 0 replies
  • 1 Likes

Please check the Max Decrypt session value of PA-3410.

HelloI'm curious about the number of SSL Decrypt sessions for PA-3410.I could see this on the product comparison site before, but I can't see it now.A customer using Decrypt wants that information.It's not even in the spec sheet or data sheet, where can I check it?- Max concurrent decryption sessionsI'd appreciate it if you could tell me

Rule UUIDs Always Change

Greetings Community! Apologies if this has been answered in a previous thread- I couldn't find anything... When exporting configuration files from PA-3220 I have noticed that sometimes the rule UUIDs are different than the previous config dump and sometimes they are the same. Can someone please explain why this is? What causes the rule UU...

Global Protect Custom Setup

Hi Guys I have 5 separate GP Captive Portals and I want to make a custom setup for all of them separately. I will deploy them separately from the network. Can we change the global protect msi package? I heard it can be done from Expedition, is it true? So how do we add the relevant portal into the msi package?

Fly_Al by L0 Member
  • 647 Views
  • 0 replies
  • 0 Likes

Resolved! Not able to apply QoS profile to interface

I am preparing firewall for interface change, and moving 2 sub interfaces to a separate aggregate ethernet. Current AE1.10, .20, .30, .40 Upcoming AE1.10, .20 AE10.30, .40 I have already created aggregate and its subinterfaces and are disabled, added fake IP/s routes and created NAT rules using new interfaces, to make it easier on the chan...

raji_toor by L4 Transporter
  • 7140 Views
  • 12 replies
  • 0 Likes

Flood protection (SYN) blocking/failing file downloads

Hopefully someone can make some sense as I can't find it. Still a little new to PA, though, but this is something I really don't get it.If I enable Zone Protection - Flood Protection (SYN) and choose "Syn Cookies" or "Random Early Drop" on internal and/or external zone, files from the internet cannot be downloaded anymore.And these are downloads...

HA pair not syncing after SSL cert change

Hi there folks, I'm trying to troubleshoot an issue with 2 firewalls where we uploaded the same SSL cert in both FWs and now they are not syncing. Our troubleshooting efforts have come to the following:- Reboot management server on both firewalls. - Config didn't change, this was working before the cert change. - removing and readding the ce...

Screenshot 2024-10-11 124237.jpg
  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks