Next-Generation Firewall Discussions

Palo Alto Cluster Upgrade

Hi All,

Our current setup is We have Active/Passive on main dc and standalone fw on DR site. Configured as Cluster.

It is identified that the DR site is affected by a certain CVE, and it is recommended for upgrade. But we also wish to upgrade the

PA-820 SysLog to SIEM (Splunk) best practices

Hi,

I'm looking for a guide which includes best practice settings for SysLog when forwarding to Splunk (or other) SIEM. Is something like that available?

SSL Forward Proxy Problems

Hello.

I'm seeking some guidance from those who have configured this, and have it working.

I'm trying to configure the SSL forward proxy feature, to decrypt web traffic.

I can get this working no problems using a self signed certificate, but this is

Cant reset PA820 NGFW

Hi All

I don t have the correct credentials to log into my PA 820 and resorted to resetting the device . However upon restarting the firewall , I m not being presented with the option to enter maintenance mode ( Enter "maint" to boot to main partit

Network

Hi Team,

Data Filtering profile disappearing

I have a VM-series firewall in my lab, and I have all the licenses. I am facing a very strange issue, where the Data Filtering profile keeps disappearing and it only appears after I reload the webpage and again it disappears after I navigate to any o

PaloAlto VM showing Vxlan alert after upgrade

Hello Team,

Just the day after upgrading their VM firewall from 9.1.1.16 to 10.1.10-h2, customer has started receiving some critical alarms from their SNMP probe indicating: " Interface vxlan admin:up", however we have fully analysed the firewall a

Migrating from Windows DHCP to Palo Alto

Good afternoon, all!

I'm planning to migrate from my current Windows DHCP servers to Palo Alto DHCP.  I'm moving from Windows Server 2012 R2 to an HA pair of PA-850s running PanOS 10.1.9-h3.

Looking for traps, best practice, and any places to get bum

Authentication Profile not loading local web auth page

Trying to create an authentication profile so when traffic goes to an internal esxi host at https://10.10.245.99 they get an additional authentication prompt from the local firewall for a local firewall user. Very simplistic I was hoping. I followed

BI-DIRECTIONAL STATIC NAT NOT WORKING

Hi,

I have the following situation I want to do a bi-directional NAT for a complete subnet range.

I want to translate 192.168.96.0/24  -->  10.196.96.0/24 :   

   192.196.96.1  --> 10.196.96.1

    192.168.96.2 --> 10.196.96.2

... 

And this in both

Antivirus Download and Install Hanging

Pa11.0.1 onPa820 in High Avaliability mode.

The antivirus download and install update job has been at the "download in progress" status for several hours.

The last antivirus valid is:4406 -4923 of 31/03/2023.

The following resolution answer do