This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4551 Views
  • 0 replies
  • 1 Likes

Plugins are not supported on this platform

Configuring a pair of PA-3410 and a couple of PA-415 firewalls. I've just noticed that I can't install the OpenConfig plugin on the P-415 firewalls. Refreshing the plugins yields this message: "Plugins are not supported on this platform". Until now I wasn't aware of this limitation and can't find anything about this in any documentation. Does an...

dmgeurts by L2 Linker
  • 2011 Views
  • 0 replies
  • 2 Likes

traffic log did not display user information

The customer uses GP to dial in and adopts LDAP authentication method.After the customer dialed in normally, they accessed internal resources, but the source user colums in the traffic log did not display user information, which was normal before. The customer did not make any other changes, and the user id in the area was also checked.How to in...

traffic log.png
user-information.png
Felixcao by L3 Networker
  • 1695 Views
  • 3 replies
  • 0 Likes

Resolved! PanOS 10.1.14-h2 - How does Palo identify if traffic belongs to an 'ms-update' application flow

I need to understand exactly makes a TCP flow identified as the 'ms-update' application. I found the Objects -> Applications -> ms-update app description. It shows the ports used, and other dependencies. But this does not explain exactly what makes one flow identified as the 'ms-update' application. And a second flow identified as some ot...

Trial Software Esxi Download

Hello All, I am trying to get PA trial images for ESXI delpoyment, on supportal am not able to software update option to download the image. Can you please guide me how to prceed further or download the PA images for trial period. With Regards WATSQ

uniquewaheed_0-1721038413735.png

License registration

Hello , We have a customer . they had 1 PAlo NG FW and it is registered in their support account . Now customer had purchased 5 Palo clusters and Panorama through us ( Integrator) with 5 year Premium Partner support and we have our own ASC support account . Can we customer devices in our ASC account ? I know that devices should be only r...

Resolved! Management Interface and In Band Network Overlap

Hello, I have the management interface of some PAs in the 10.10.10.0/24 management network. This is the a corporate management network for network devices etc. I also want to inspect traffic on this network and have assigned a interface/security zone with the default gateway for the management network on the PAs. I am having trouble getting the ...

NSutfin_0-1699885772086.png
NSutfin by L2 Linker
  • 3029 Views
  • 2 replies
  • 0 Likes

Massive alets from PAN NGFW Source

Hello community, I need your help, At my last 30 days im getting alot of alerts to my XSIEM from PAN NGFW source about Prevented action from bad URLthe category is (Spyware Detected via Anti-Spyware profile) After block Url's and Domain and added them to Black List, i still get the same Url and domain trigger agine. Someone have idea what to do?

Y.Zalsov by L1 Bithead
  • 1306 Views
  • 2 replies
  • 0 Likes

NFS 4.0 vs 4.1

Looking for guidance around configuring a firewall for NFS 4.1 traffic. NFS traffic using NFS 4.0 works fine but when switching over to NFS 4.1 there is a huge amount of latency. To my understanding NFS 4.1 uses parallel nfs which is structured differently than previous nfs. Instead of the NFS Filer head (Server) being the gateway between the st...

Making PA-820 quieter??

Hi, I have an opportunity to grab one of company's Palo Alto PA-820 firewalls for free. It would be shame to dispose of perfectly operational hardware just because topology has changed and we have no use for it anymore. But - had one at home when I was learning PAN-OS and found it to be quite loud, and because my home lab setup in in living ...

R.Tryba by L1 Bithead
  • 1481 Views
  • 2 replies
  • 0 Likes

Migrating to multi-vsys environment

We recently decided to migrate to a multi-vsys environment for two of our data centers. The main reason for this is the shared gateway feature. We are starting to do a lot of disaster recovery planning, and need a segmented environment (with overlapping IPs), that can also share the internet connectivity. We were just using virtual routers to...

buck1 by L1 Bithead
  • 1582 Views
  • 1 replies
  • 0 Likes

Standby firewall restarting on 11.0.4-h1

Upgraded my 5250 firewall pair last week to 11.0.4-h1 for CVE-2024-3400. Since then, have seen my secondary/standby firewall reboot twice over the course of a week after a error of "HA Group 52: Dataplane is down: too many children exited". This never happened prior to this release. I am currently working with support, just waiting on a resp...

Smithm by L1 Bithead
  • 4769 Views
  • 6 replies
  • 1 Likes
  • 1588 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks