This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

Active/Passive connection with Cisco Stack switches

Hello I would like to have confirmation. I need to connect my Palo Alto cluster firewall (active/passive) to a Cisco stack (with 2 members). If I want a fully redundancy, I need to create, on a each firewall, an aggregate with 2 interfaces and each interface is connected on a port on each Cisco member ? Are you agree with my schema bellow ? ...

JeromeC_0-1661760904358.png
JeromeC by L1 Bithead
  • 6163 Views
  • 5 replies
  • 0 Likes

Schema Node for xpath

For PANOS Firewall, I am using ansible to configure the firewall settings. The YMAL code i used to set the login banner is:- name: Set login banner panos_type_cmd: provider: '{{ provider }}' xpath: /config/devices/entry[@name='localhost.localdomain']/deviceconfig/system element: '<login-banner>hi</login-banner> Command in termin...

shanjing by L1 Bithead
  • 3379 Views
  • 4 replies
  • 0 Likes

Resolved! Importing SSL cert into PALOALTO Firewall

Hi, I am facing problem when I import the 3rd party generated ssl cert into firewall, for example: I generated the certificate locally on firewall and named it as mycert and when I exported it, it was named automatically to cert-mycert.csr after generating the 3rd party key and downloaded locally to my PC, the name of the new certs are on defa...

Global protec

Hi Team, Good day to you ! We have one customer he facing issue with the Global Protect VPN. The VPN disconnects unexpectedly, and after each disconnection, we need to remove and reinstall the VPN client. Could you please help us address the issue . Thanks & Regards Sasikumari.

Management CPU 100% - 50 report Active..

Hello. I've a 5220 PANOS-10.1.11. Since Yesterday the Management CPU is 100%. top - 09:46:04 up 119 days, 10:19, 1 user, load average: 3070.40, 3070.13, 306Tasks: 3363 total, 1 running, 3255 sleeping, 0 stopped, 1 zombie%Cpu(s): 2.2 us, 2.2 sy, 0.0 ni, 0.0 id, 95.6 wa, 0.0 hi, 0.0 si, 0.0 stKiB Mem : 32603284 total, 1443760 free, 9536840 used...

PA-3401 and PA-5410 at HA with virtual wires interface need restart to be up

When I deploy high availability PA-3410 and PA-5410 with virtual wires configured in the interface, I often encounter situations where the virtual wires interface of the second firewall added to the high availability group cannot be UP after the first firewall is working properly, while interfaces configured in other modes can be UP. This config...

shwang by L0 Member
  • 876 Views
  • 0 replies
  • 0 Likes

Unused PA820 firewall support contract renewal(support contract ended 1 year ago)

We have a pair of PA820 firewalls which are unused for year since the office closed in USA. We have shipped those appliances to one of our Switzerland office to reuse. I heard that paloalto cannot renew the support/subscriptions for these devices since the contract expired long ago. Is anyone can assist to understand why its not possible to rene...

Krupesha by L0 Member
  • 933 Views
  • 1 replies
  • 0 Likes

Limiting Whatsapp policy

Hey there, So we're looking into allowing Whatsapp app and calls in our Palo Alto. In order to allow calls we had to open the following applications- whatsapp, rtcp, rtp-base and stun (as Whatsapp depends on them).However we didn't manage to limit the destination to Whatsapp only.My concern and question, will this policy limit the traffic to Wha...

Identity collector on Palo alto

I have a question about a Checkpoint feature that I have to move on PA. ATM the Checkpoint use an agent called "Identity collector" to gets all user connected to the AD and populate the internal firewall table with User - IP. How it works now with CP: 1° AD server 2° Windows server with the Checkpoint Identity collector installed 3° Checkpoint F...

  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks