Next-Generation Firewall Discussions

Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Resolved! Decommission IPSec site to site VPN

Hi All,

 

I have been looking at the best way to decommission VPN tunnels on Palo Alto firewall, and I could only find disabling the IKE phase1 and the IPSec tunnels. is there a recommended way to decom IPSec VPN tunnels on Palo Alto firewalls?

 

Tha

...

PALO ALTO 200 takes time to fail over

 

Hi All,

 

We have a OLD Palo Alto 200 on one of our sites in OKI. We performed an annual fail over test last week.

 

Here is what happened which is weird on panorama Secondary Firewall is showing as a Primary and it was on color red while the prima

...

weezy by L2 Linker
  • 839 Views
  • 0 replies
  • 0 Likes

BGP route map

Hello

 

Here is a simple use case.

 

I have 3 palo, on 3 DC, and for each DC i have a router from on ISP with one single /28 public IP network.

 

One computer can move from one DC to one DC. For exposed server, behind a NAT, i am trying to advertise

...

XFF

Hi

I am hosting a website behind ngfw.

The traffic comes from google load balancer, and i would like to LOG ONLY the x-forward IP (the original).

I have used this kb: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-co

...

chens by L3 Networker
  • 880 Views
  • 1 replies
  • 0 Likes

polycom会议电话流量经过palo alto防火墙,发现会议到达16分钟左右会断开连接

如上面所说,当流量跳过防火墙是连接同一台交换机,状态正常,专线网络,没有做nat,会话保持时间也是默认的3600,尝试过override 策略,流量也匹配正常,但是情况还在,抓包分析,流量建立了三次握手以后,后续会出现超时的流量,网络层是正常的,不明白会有超时的数据,有人碰到过吗,有什么解决建议。

 

zhangfw_0-1697776779864.png
zhangfw_1-1697776863671.png
zhangfw by L0 Member
  • 880 Views
  • 1 replies
  • 0 Likes

Customer Firewall Transfer

Hello Guys,

I am new on the Palo Alto Environment, i work a lot with Fortinet.

So in the Fortinet "world" i can register an account like a customer and require for try some of their products, like FortiEMS, FortiOS VM, FortiAnalyzer Etc, all of this

...

  • 1417 Posts
  • 48 Subscriptions
Top Liked Authors