This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4595 Views
  • 0 replies
  • 1 Likes

Is there tool available to sync the config from physical Paloalto on-premise the disaster recovery site in Azure?

We have onpremise network and paloalto firewalls and zone base zero trust config and we want to have the DR in Azure on virtual firewalls and looking for the way to convert and sync the config from on-premise physical firewalls to Azure virtual firewalls. I know there are some magic need to be done to convert vlans to subnets/vnets and update al...

Facing packet dropping issue after imported configuration.

The issue is currently planning to migrate PA220 to PA440. We have imported the configuration file from PA220 to PA440, The network is down and facing packet drops Then we disabled the HA and disabled the ECMP configuration, but the same issue persists. We took a backup from PA220 and then imported it to PA440 after 6 hours we faced a packet d...

PAN-OS NGFW - LDAP Authentication via Group Membership - Admin UI

Hello, I'm trying to set up NGFW in a lab environment where all users have an account defined in a centralized authentication store. We're using FreeIPA, which provides authentication services via LDAP and Kerberos. I've gotten authentication working with LDAP, but it requires specifying a unique Administrator account and then pointing it to...

PBF based on URL Filtering/Application

hi everyone, We have a PBF Rule allow all internal users to internet via our ISP1. And I want to create another PBF rule on top of the above PBF rule to allow Instagram application traffic towards ISP2? I look through the below KB but it is not doable: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clq1CAC So i wan...

LeoLion by L0 Member
  • 3399 Views
  • 5 replies
  • 0 Likes

URL Category behavior with rule match condition question

I came across behavior that confused and concerned me recently. I had a test rule with the following conditions set: Source Zone (LAN) Source user Destination Zone (WAN) Application (ANY) URL Category (not in Profile/Action section, but in Service/URL section) I was under the understanding that the URL Category is part of the match condition ...

Traffic: Logs and Indexes and Current Retention

Found our that our FW1 only able to keep 4 days of traffic logs but took more space than FW02 which able to log up to 15 days ( previously FW2 in active for around 2 weeks+) FW01 FW02 Disk usage: traffic: Logs and Indexes: 34G Current Retention: 4 days threat: Logs and Indexes: 18G Current Retention: 6 days system: Logs and Indexes...

LDAPS TLS Handshake Failure

Hello, I upgraded one of our PA devices from 10.1.9 to 10.2.4-h4. LDAPS was configured to access and gather user's info from DC. But it stoped working after upgrade. I captured traffic and saw following error - TLS Handshake Failure. I know that starting version 10.2 Palo Alto Networks has changed requrements for certificates. I checked ours and...

m0tash by L1 Bithead
  • 3795 Views
  • 4 replies
  • 0 Likes

URL Filtering Category level (Streaming Media ) Blocking or Custom Blocking is not working for Youtube.

Palo Alto URL Filtering allows blocked URL categories if one keep refreshing the page. The issue is particularly seen with Youtube.com. We have blocked Streaming Media category and Custom URL to block youtube.com. However the web page is opened after multiple refresh. URL Filtering monitoring logs shows traffic is blocked .However we can access ...

  • 1586 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks