Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Configuring GlobalProtect and DMZ Web Server

Hello, Thank you for entering this post, the reason for it is that I am trying to configure the GlobalProtect VPN and a web server in a completely separate Zone. The programmer will have access to the server through this VPN and we will subsequently...

Resolved! The block page for custom URL Filtering categories is not displaying, whereas it is visible for predefined categories.

Hi team,

The block page for custom URL Filtering categories is not displaying, whereas it is visible for predefined categories.

Predefined category :

Custom category:

Logs:

Blocking is effective, but the block page appears exclusively for predefin

...

Unable to download software and dynamic updates

Hello Team,

We want to upgrade the palo alto device from current version 10.1.5-h1 to version 11.0.

DMC Web Server Configuration Issue- Need Assistance

I'm currently encountering an issue with the configuration of my DMC web server. Despite user Experience, APK Zip file, android users FM WhatsAp trying various troubleshooting steps, I haven't been able to resolve this issue. Has anyone faced a simil

...

Auto Commit Failed and Gray Interfaces after upgrade to 11.0.2-h2

Upgraded to 11.0.2-h2 on my 410 last night and the interfaces were all showing gray after reboot. Auto commit was failing with the following error and just kept trying and trying.

client device phase 1 failure
Management server failed to send phase

...

Resolved! PA-440 not showing Dynamic Updates for Url Filtering

Hello, I'm using PA-400 PANos 10.2.6 and can't see the updates for URL Filtering (not even one DB). Antivirus, Wildfire, Apps and Threats are shown. I have advanced url filtering licence.

Does anyone know how to solve this?

Regards,

Luis

Resolved! Unable to See Data Redistribution Tab after upgradation

Hi,

I am unable to see data redistribution tab after upgrading my firewalls from 9.1.x to 10.1.x

Any thoughts.

OSPF issue betwwen PA VM-100 and Cisco 4431

Hello everyon,

I have an strange issue with OSPF, it is working normaly but one or two time in 24 hour palo alto loses its neighbors for 1 to 5 seconds.

I tied to troubleshoot and get message:

**** AUDIT 0x3e01 - 210 (0000) **** I:001d0046 F:00000

...

Resolved! EDL - unable to get local issuer certificate

Hi,

Having issues with EDL and certificates. Followed the best practices, and believe everything is set properly.

running pa-8xx clusters running 10.1.9h3, all have the same issue

opendbl.net cert chain is imported and set both root and intermed

...

SFTP file transfer restrict

Is there a way to restrict the use of SFTP for file transfers?

The condition must be allowed SFTP, but restrict only permit upload and deny download, or only permit download and deny upload.

application based rule

Hi All ,
We are planning to implement application based rule like under application tab add required app and under service tab add application default.
However what would be best approach to apply rule where application is showing "incomplete".
Currentl

...

Resolved! renewal the Wildcard certificate Procedure

Can some one explain how to renewal the Wildcard certificate Procedure

Resolved! SSL Forward Proxy Not Working

Hello all, another problem on my road to learning! I have created a self-signed CA Cert on my Palo Alto firewall. Exported to my Windows 10 box, imported into root CA store etc. I have set the cert as a Forward Trust Certificate, created a decryption

...

URL Lookup Returns IP Address

We use a URL filtering profile to limit outbound traffic. Occasionally known good traffic will fail because an IP address, instead of the FQDN of the URL, is presented. The traffic is blocked because the URL (IP address) is in the "Unknown" URL cat

...

Resolved! How To use Certificate For Secure Web-GUI Access HA pair

Dear All,

referred below link for Secure Web-GUI access, successfully done with my primary firewall, how can i achieve this when i have firewall in HA?

How To use Certificate For Secure Web-GUI Access - Knowledge Base - Palo Alto Networks

I will

...

Next-Generation Firewall Discussions

Discussions

Welcome to the Next-Generation Firewall Discussions!

Rules and Best Practices

Resolved! Configuring GlobalProtect and DMZ Web Server

Resolved! The block page for custom URL Filtering categories is not displaying, whereas it is visible for predefined categories.

Unable to download software and dynamic updates

DMC Web Server Configuration Issue- Need Assistance

Auto Commit Failed and Gray Interfaces after upgrade to 11.0.2-h2

Resolved! PA-440 not showing Dynamic Updates for Url Filtering

Resolved! Unable to See Data Redistribution Tab after upgradation

OSPF issue betwwen PA VM-100 and Cisco 4431

Resolved! EDL - unable to get local issuer certificate

SFTP file transfer restrict

application based rule

Resolved! renewal the Wildcard certificate Procedure

Resolved! SSL Forward Proxy Not Working

URL Lookup Returns IP Address

Resolved! How To use Certificate For Secure Web-GUI Access HA pair

Normal mode failure. Software-integrity self-tests failed - files changed

Package manager upgrade failures to certain sites

openSSH version 9.8 or later in PAN-OS

Panos 11.1.4-h1

Data Filtering with Google Drive

Re: openSSH version 9.8 or later in PAN-OS

Re: openSSH version 9.8 or later in PAN-OS

Re: Queries on Packet Captures.

Re: Interface Errors after upgrade - VM Series

Re: Restart button is grayed out under both IKE Info and Tunnel Info on IPSec tunnels

Unlock your full community experience!

Next-Generation Firewall Discussions

Rules and Best Practices

Resolved! Configuring GlobalProtect and DMZ Web Server

Resolved! The block page for custom URL Filtering categories is not displaying, whereas it is visible for predefined categories.

Resolved! PA-440 not showing Dynamic Updates for Url Filtering

Resolved! Unable to See Data Redistribution Tab after upgradation

Resolved! EDL - unable to get local issuer certificate

Resolved! renewal the Wildcard certificate Procedure

Resolved! SSL Forward Proxy Not Working

Resolved! How To use Certificate For Secure Web-GUI Access HA pair