This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

Wrong Geo location

Hello, couple times we had issue with wrong geolocation. It is very interesting how PaloAlto create ip<->location database. example: from FW: show location ip 46.8.61.78 46.8.61.78Czech Republic regarding https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPtECAW and any other geolocation service it is russian add...

GRE Tunnel and Multicast Traffic

Hi Everyone, Hi Team,We have been trying to configure GRE tunnel. From the configuration end, everything seems fine and we have already followed the official KBs but GRE tunnel nevers gets up. And this is affecting our multicast traffic flow. Same thing works fine from one of our Lab Firewall, GRE tunnel gets up and we can ping the client's en...

Resolved! Upgraded pa820 to 10.2.7, no acc info showing

Hi all, I upgraded our PA820 to 10.2.7, and somehow now the acc tabs don't show any information, in network, threats, blocked, only in globalprotect it shows data, I searched and found some information on the release notes, as well as searched around the web, found some talk about issues with PAN-OS 10.2.7. So there's bugs in 10.2.7 mainly in...

cdcirexx by L3 Networker
  • 5637 Views
  • 5 replies
  • 1 Likes

Palo Alto (KVM) VM-Series 30-day free trial Issues

Hello Team, Please I need help installing the KVM series NGFW evaluation copy on my laptop running EVE-NG on top of VMware workstation. I tried installing it, however it started showing errors and will not allow me login using the default username/password of admin/admin profile. Please find below the errors I am experiencing. 2023-12-09 19:51...

abuchi by L0 Member
  • 1401 Views
  • 0 replies
  • 0 Likes

Resolved! Security Policy

Hello, I have created a security policy with the below details. I am the hitting following URL https://10.x.x.x:15671 and I see the 'connection is reset' in the browser. I see traffic is hitting the policy (Hit count) but it's not logging. When I set the action to Deny/Drop/reset-client\reset-server the traffic is logging when hits the rule. W...

srikarpuligandla_0-1701627610318.png
srikarpuligandla_1-1701627668060.png

Demystifying the SSL Decryption on Palo Alto Firewall

On Palo Alto Firewall there are two ways to do SSL Decryption (two actions in the Decryption Policy). SSL Forward Proxy: for outbound connection (from an inside PC to an external server). Used for traffic to external servers PA Firewall splits the original session into two: client<—>PA<—>server The original server certificate is...

rmeddane_0-1701849987851.png
rmeddane_1-1701849987857.png
rmeddane_2-1701849987873.png
rmeddane_3-1701849987887.png
rmeddane by L2 Linker
  • 12723 Views
  • 0 replies
  • 3 Likes

URL Filtering to block Facebook

Hi all, I been testing to do URL filtering with whitelist approach (allow some URL and block everything) and also create SSL decrypt policy. As I was checking, it seems like not working to block facebook. I check in the test a site, Facebook fall under social-networking. When I check the log, there is no log under URL filtering that is hittin...

Momoj by L2 Linker
  • 9822 Views
  • 3 replies
  • 0 Likes
  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks