Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4514 Views
  • 0 replies
  • 1 Likes

Log Retention for PA-1400

Hi, Specifically for PA-1420, I am aware the storage capacity is 240GB. Is there any way I can know the duration of log retention for 700 users? From what I understand, log retention is affected by the space on disk, not by the number of users. When you run out of it, the firewall will automatically delete the oldest entries in that specific log, whethe...

Send File to CDL Receiver Failed

Hi all, I have a PA-440 currently at 10.2.7-h3. After performing a PAN-OS upgrade, there is an error on telemetry stating "Send File to CDL Receiver Failed". I found a similar article and applied the suggestion by retrieving the license key again, but with no success. https://live.paloaltonetworks.com/t5/general-topics/enable-device-...

Resolved! Distributed VPN attack

Recently we experienced a distributed VPN dictionary attack on our Palo Alto Global Protect from different countries, ISPs and hundreds of IP addresses. Since we have MFA the attack was unsuccessful so far, but I want to stop it somehow. The malicious actor seems to adapt the attack to our protection measures. Originally it was addressing our Global...

Unable to get PCCET Certificate

Dear ALL, I have completed all my exams for the PCCET certificate but I am unable to get the PCCET certificate. I have completed the exams below and attached the certificate: SASE Fundamentals, Cybersecurity Fundamentals, Security Operations Fundamentals, Cloud Security Fundamentals, Network Security Fundamentals. Please help me to get the PCCET Certificate.

Allow dark trace rst packets

We have a 5220 at the core of our network making east / west decisions between LAN segments and dark trace (DT) appliance. I currently have the DT appliance configured to take autonomous action with DT respond. One of the ways DT enforces this is by sending TCP RST packets to the "infected pc," by spoofing the source and/or destination IP addre...

Cannot create Customer Application to override google-cloud-storage-base for specific URLs

Hello everyone, On a required page the application google-cloud-storage-base is used as CDN: https://storage.googleapis.com/abc-bca-ger/uploads/.... At the same time, the google-cloud-storage-base application should be blocked for all other purposes. To achieve this, I have tried to create a user-defined application. In the first step I tried e...

traffic does not appear in 3260 module

Traffic in the monitor tab does not appear. After rebooting the firewall, it appears for only 1 day and does not appear after that. We checked the retention and max quota, and we also checked the storage, and all is good. The problem started after upgrading the firewall to 10.1.12.

HKatbay by L1 Bithead
  • 884 Views
  • 0 replies
  • 0 Likes

Firewall already registered and upgrade path

Hello, we have got a customer and they have purchased 5 x PA1400 series. Customer has a CSP account and he registered one PA and it went well, but when he tried to register the 2nd PA, it shows "This serial number is already registered". How is this possible? Is this related to any Auth code or something? Secondly, customer has PA 3200 series...

How could I drop "unknown RADIUS authentication protocol"?

Hi! Recently we were receiving in our environment alerts of failed authentications from different random IPs and random usernames. I was able to reduce them following the next article: Detecting Brute Force Attack on GlobalProtect Portal Page - Knowledge Base - Palo Alto Networks, and creating a dynamic list, adding tags with forward logs, drop...

R.Tudon by L1 Bithead
  • 1195 Views
  • 0 replies
  • 0 Likes

Radius Authentication Profile

Hello, I am configuring a GP gateway for Radius Authentication. I am using the CLI test authentication command to test. I can ping the Radius host and confirmed the Secret. My troubleshooting shows packets allowed by the Security policy. I cannot see any packets to the Radius host in the packet captures in any of the stages. What do you think my n...

S.Byrne by L3 Networker
  • 3263 Views
  • 4 replies
  • 0 Likes

PA-3260 HA firewalls flapping - Dataplane restarts, PanOS-10.2.5

Hello Experts, we have a pair of HA PA-3260 firewalls and we are running into issues of multiple random dataplane restarts causing HA failover. We were initially on 10.2.4-h2 and, after facing the issue with random restarts, decided to upgrade to the 10.2.5 release. From the below article, this should have been resolved in 10.2.5. Still, we are...

Resolved! Has there been any recent change from Palo side in regards to blocking traffic to AWS Services such as Sagemaker and Bedrock?

My customer has observed that all of a sudden they were unable to access the AWS Sagemaker service from their AWS console. Observed that the firewall was blocking this traffic and the customer has to add the application "amazon-sagemaker" explicitly in their configuration for it to work. There was no change from their end. Have there been any changes from Palo ...

  • 1794 Posts
  • 60 Subscriptions