This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4552 Views
  • 0 replies
  • 1 Likes

Auto Commit Failed and Gray Interfaces after upgrade to 11.0.2-h2

Upgraded to 11.0.2-h2 on my 410 last night and the interfaces were all showing gray after reboot. Auto commit was failing with the following error and just kept trying and trying. client device phase 1 failureManagement server failed to send phase 1 to client logrcvrCommit failedFailed to commit policy to device Tech support said there's an ...

rhnac by L1 Bithead
  • 3234 Views
  • 2 replies
  • 2 Likes

Resolved! EDL - unable to get local issuer certificate

Hi, Having issues with EDL and certificates. Followed the best practices, and believe everything is set properly. running pa-8xx clusters running 10.1.9h3, all have the same issue opendbl.net cert chain is imported and set both root and intermediate in the cert profile. opendbl EDL created, cert profile attached and outbound policy applied....

orbcomm by L2 Linker
  • 11510 Views
  • 9 replies
  • 0 Likes

Resolved! SSL Forward Proxy Not Working

Hello all, another problem on my road to learning! I have created a self-signed CA Cert on my Palo Alto firewall. Exported to my Windows 10 box, imported into root CA store etc. I have set the cert as a Forward Trust Certificate, created a decryption policy and even added a custom SSL-Decrypt profile/policy. The action is decrypt. I can browse f...

GWynn by L3 Networker
  • 4701 Views
  • 7 replies
  • 0 Likes

URL Lookup Returns IP Address

We use a URL filtering profile to limit outbound traffic. Occasionally known good traffic will fail because an IP address, instead of the FQDN of the URL, is presented. The traffic is blocked because the URL (IP address) is in the "Unknown" URL category. What could be the cause of this random failure?

Resolved! How To use Certificate For Secure Web-GUI Access HA pair

Dear All, referred below link for Secure Web-GUI access, successfully done with my primary firewall, how can i achieve this when i have firewall in HA? How To use Certificate For Secure Web-GUI Access - Knowledge Base - Palo Alto Networks I will be using a self-signed certificate. and will distribute and install that certificate to necessary...

Resolved! portal-auth vs gateway-auth

Hi, I’m trying to understand Palo Alto VPN client, Global Protect login process with logs and I’m a little bit confused. What I can see in logs: First is: portal-auth. Then usually portal-gen-cookie Next gateway-auth And finally, gateway-register I would think the portal-auth would be login to PA portal but it is not so I’m quite confused what...

Create csv file for fqdn ip resolutions

Hi All I'm busy trying to extra IP's from my fqdn addresses.Wondering if i could get some guidance.I've done the set address set address ht-autodesk.com fqdn autodesk.com What i'd like to get out of this is resolution IP's for this fqdn.As i don't want to go via the GUI and extract 1 by one. I have 7 address groups applied to a policy with a...

Jeffrey_Makuch_0-1699941265034.png

Missing Port-Channels and Subinterfaces in ASA Migration

I am currently working on a project involving the migration of an ASA firewall. However, I have encountered an issue during the import process. After importing the configuration file, I have noticed that the port-channels and subinterfaces from the source ASA are not showing up in the new platform. This is problematic because utilizing the messa...

Info about the vulnerabilities and the possible remediations for them.

Dear All, I hope you could help me with the query I could not find answer. The customer is asking for the remediation of the detected vulnerabilities, which I've already researched and found some info about that I've grouped below:Client Side Testing - OTG-CLIENT-004 - Testing for Client Side URL Redirect ---------------------------------...

  • 1588 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks