This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4551 Views
  • 0 replies
  • 1 Likes

PA-3401 and PA-5410 at HA with virtual wires interface need restart to be up

When I deploy high availability PA-3410 and PA-5410 with virtual wires configured in the interface, I often encounter situations where the virtual wires interface of the second firewall added to the high availability group cannot be UP after the first firewall is working properly, while interfaces configured in other modes can be UP. This config...

shwang by L0 Member
  • 886 Views
  • 0 replies
  • 0 Likes

Unused PA820 firewall support contract renewal(support contract ended 1 year ago)

We have a pair of PA820 firewalls which are unused for year since the office closed in USA. We have shipped those appliances to one of our Switzerland office to reuse. I heard that paloalto cannot renew the support/subscriptions for these devices since the contract expired long ago. Is anyone can assist to understand why its not possible to rene...

Krupesha by L0 Member
  • 958 Views
  • 1 replies
  • 0 Likes

Limiting Whatsapp policy

Hey there, So we're looking into allowing Whatsapp app and calls in our Palo Alto. In order to allow calls we had to open the following applications- whatsapp, rtcp, rtp-base and stun (as Whatsapp depends on them).However we didn't manage to limit the destination to Whatsapp only.My concern and question, will this policy limit the traffic to Wha...

Identity collector on Palo alto

I have a question about a Checkpoint feature that I have to move on PA. ATM the Checkpoint use an agent called "Identity collector" to gets all user connected to the AD and populate the internal firewall table with User - IP. How it works now with CP: 1° AD server 2° Windows server with the Checkpoint Identity collector installed 3° Checkpoint F...

Voyceglobal issues with PA

We are using Ipads using the VoyceGlobal application to find interpreters globally. The application runs fine off the firewall. Once we use the FW to access the application it simply hangs while trying to stablish communication. It uses twilio and https applications. I have tried disabling SIP LAG, also tried application override for twilio. I h...

lestrada by L2 Linker
  • 716 Views
  • 0 replies
  • 0 Likes

Lacp Issues Peer Not Detected

Hello Dear Forum. we are running 2 pa-3320 in Ha Actiave/passive mode both of which have aggregated ports. recently we've moved our server room to a different room and have reconfigured some of out network components. after reconnecting everything in the correct order, the passive unit can't reach our DC Servers. the ae1 link seems to...

saml-message-parse-error

Hi, I saw this alert on our corporate firewall ; 'Failed to convert SAML message payload into xml tree', as a high level, Is there anyone to explain what this means and what this situation effects to our SAML vpn configurations? Please inform to me, Have a good day.

Decrypt log missing in list of logs

I spent several hours yesterday trying to get decryption working. Everything kept coming back to being able to view the decryption log under Monitor>Logs>Decryption. However, my Palos did not have a "Decryption" option under Logs, and I could not figure out why, and could not find any documentation to explain why I could not see that opt...

Error: update_rlog_mgmtsrvr_fwd_stats(panDeviceLogging_access.c:710): panDeviceLoggingMIB update_rlog_mgmtsrvr_fwd_stats(): No sysd node found

Hello community, I have encountered the SUBJECT error while t-shooting a SNMP connectivity issue on a PA-220. searching the internet I have not found a similar message anywhere therefor I thought I'd reach out to see if anyone can help with figuring out why this is showing only that line/error in a span of almost 3 months), Spoiler (Highl...

Kobiher by L2 Linker
  • 1317 Views
  • 0 replies
  • 0 Likes
  • 1588 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks