This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4551 Views
  • 0 replies
  • 1 Likes

Global Counters if packet is dropped by QOS

Hi, Is there any global counter that might indicate if my session is beeing dropped by QOS? I have an issue where my BGP connection to prisma access drops but the tunnel to prisma access is always up. The issue is intermittent. If i would setup a global counter and filter on the bgp peer ip and keep the filter on. When i leave the ssh sessi...

zGomez by L3 Networker
  • 1030 Views
  • 1 replies
  • 0 Likes

PAN-OS 10.2.9-h9 release notes and CVE-2024-3400

The addresses issues listed in the release notes ( 1/8/24) for PAN-OS 10.2.9-h9 state: PAN-252214 A fix was made to address CVE-2024-3400. However this was previously stated as fixed in 10.2.9-h1. Is this 'duplicate reporting' or does this address a new exploit variant / scenario, not yet disclosed ? I note no change in preferred version page...

Does column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...?

In the picture that I have put of the 7000 firewallDoes column "PA-7000-100G-NPC-A" mean that it also performs "DPC" firewalling tasks or does it only perform network tasks such as routing and...? -------------------------------------------------------------------------------------------------------------- PA-7000-100GNPC-A PA-7000- ...

benafra by L1 Bithead
  • 1415 Views
  • 1 replies
  • 0 Likes

Force URL-Filter if GlobalProtect is disconnected

Hi together! Is there a possibility to force a client to use a (local/cloud) URL-Filter if the Global Protect Client is NOT connected to the gateway? Enforce Global Protect connection / define 40 FQDN exceptions is not really a solution. Maybe there is a PA product / license which cover this topic? Best regards and thanks a lot in advance!

BGP Route Advertisement /Export Rule

Need some help with advertising specific routes over BGP and hoping someone can help. I have a site-to-site tunnel setup between AWS and my on-premise PA Firewall. I am receiving routes from AWS over BGP as expected. No issue there and I am able to create a redistribution profile & redist rule and advertise an existing static route listed ...

Cobraflo by L1 Bithead
  • 9892 Views
  • 5 replies
  • 0 Likes

QOS issue error

any idea on below error. Enviorment:-OS - 10 2 8 h2Model - 5220 2024-07-29 19:25:19.349 +0800 Error: gryphon_qos_perform_set(5200/gryphon_sysd.c:389): Set shaper on port 42 index 0 failed with ret -4

Load Balancing in NGFW

Hello All, I am writing to request if there is a way to perform load balancing in a firewall. Case in point an organization has two traffic links for internet lets call them link A and link B. So i need social media traffic to be rerouted to link A at the firewall and general traffic to be rerouted to link B and vice versa. The firewall in place...

spyware alerts for <something>.fmb.la

this just started popping up for DNS queries inside going outbound, my PA440 is dropping the packets as a spyware threat. This is quite a new development, probably last 24 hours. Example action below: name-of-threatid eq 'generic:com.fresh.fmb.la' anyone seen this before? I can't find anything on a Google nor a LiveCommunity search. -Jeff

Device Certificate Issues.

Hi Friends, One of our customer is facing issues in fetching the device certificate on a PA-410 device running on PAN OS 11.0.4-h2. We are logging into the CLI of the firewall with Super User credentials and try to fetch the certificate with the below command &gt; request certificate fetch opt &lt; &gt;It shows us invalid syntax error. From ...

Resolved! Block access to countries outside the GlobalProtect VPN

Good morning, reviewing the GlobalProtect logs I see brute force attacks from outside my country Spain. I have tried to create security policies that prevent these attempts but none have matched. In the portal configuration (external) I have tried to put Spain as high priority and the others as None but the FW does not give me that option. I ...

ccortijo by L2 Linker
  • 18392 Views
  • 7 replies
  • 0 Likes

PA-450 is not booting

Hi everyone, We are currently configuring a new Palo Alto PA-450 and the device is no longer accessible by web management and over console. At the first power on booting has been done normally and all led was blinking fine. We started access the WebUI and the device reboot automatically. Now it's not booting and the led status is amber in PWR,...

OOlivier by L0 Member
  • 2667 Views
  • 1 replies
  • 1 Likes
  • 1588 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks