This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4555 Views
  • 0 replies
  • 1 Likes

Unexpected Classification of 443 Traffic as "naver-line" with Subcategory "voip-video

Hi everyone, 1) End user has confirmed that these users' computers do not have the LINE application installed. However, the 443 traffic is being identified as "naver-line," with a subcategory of "voip-video." Could you please help us understand the cause of this behavior? 2) And We noticed in the logs that certain activities are classified ...

Suhairul_Salleh_0-1725418752203.jpeg
Suhairul_Salleh_1-1725418788784.jpeg

palo alto 850 firmware upgradation

Hi All, Need to upgrade an palo alto 850 from 9.1.4 to 11.0. Basically i need a confirmation on below points. 1.Have only hardware support license, will it sufficient for firmware upgradation. PFA snapshot 2. As per below article i need to only download major release, while download and install the latest maintenance release of same version ...

Resolved! Max Connections per Second on PA3260

Hi, I'm trying to configure Flood Protection in the Zone Protection Profile of my PA3260 and wanted confirm what the Maximun connections per second is. The number I came across was 84,000. Is this correct? I should also add I'm using SYN cookies as the action. Thanks, John

Resolved! EDL for major Linux distros

Hi All, Do you have anu idea, if there is some external or unofficial EDL list with mirror servers for main Linux distros, so I can use it in the firewall rules? E.g. Fedora has this list of all mirror servers available online - Mirrors - MirrorManager (fedoraproject.org), but it changes dynamically during the time and it's unthinkable to upg...

IPsec Tunnel Down!

Hi Team, I'm a newbie at the Palo Alto firewall, and I've been checking the IPsec connection between PA850 at my sites. I'm encountering issues with the IPsec tunnel, which is not coming up. I tried establishing IPsec using the IP used for BGP peering, and it established without any problems. However, the problem arises when I us...

Decryption: Received fatal alert CertificateUnknown from client

Hi Folks, I'm seeing some instances of "Received fatal alert CertificateUnknown from client" errors in the decryption log when the root\issuer certs are clearly in the FW's cert store. Attached are screenshots of the error and the FW's cert store. Any ideas on what could be going wrong here? I'm seeing this on PAN OS 11.0.2-h3 & 10.2.7-h3...

Resolved! X-Forwarded-For displays wrong ip (v6) in logs

Hi. We have a azure setup, web application, where an agw first terminates traffic and applies xff and then forwards to firewalls which then decrypt the session. We have X-Forwarded-For enabled and usually works fine and displays the correct ipv4 address in logs. From time to time though logs instead display ipv6 addresses which we dont use and...

Firewallcrash because of Application cloud Engine (ACE)

Hi community Since about 2 weeks a vm firewall started getting problems with random crashes. Our setup is a firewallcluster but so far the active firewall crashes almost completely silent. At least the firewall does not initiate a failover to the passive node. So far we had about 4 crashes at random times and in one case the firewall crashed "...

Remo by L7 Applicator
  • 1011 Views
  • 0 replies
  • 1 Likes
  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks