This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4508 Views
  • 0 replies
  • 1 Likes

Create csv file for fqdn ip resolutions

Hi All I'm busy trying to extra IP's from my fqdn addresses.Wondering if i could get some guidance.I've done the set address set address ht-autodesk.com fqdn autodesk.com What i'd like to get out of this is resolution IP's for this fqdn.As i don't want to go via the GUI and extract 1 by one. I have 7 address groups applied to a policy with a...

Jeffrey_Makuch_0-1699941265034.png

Missing Port-Channels and Subinterfaces in ASA Migration

I am currently working on a project involving the migration of an ASA firewall. However, I have encountered an issue during the import process. After importing the configuration file, I have noticed that the port-channels and subinterfaces from the source ASA are not showing up in the new platform. This is problematic because utilizing the messa...

Info about the vulnerabilities and the possible remediations for them.

Dear All, I hope you could help me with the query I could not find answer. The customer is asking for the remediation of the detected vulnerabilities, which I've already researched and found some info about that I've grouped below:Client Side Testing - OTG-CLIENT-004 - Testing for Client Side URL Redirect ---------------------------------...

updating ntp server from old to new IP Addresses

Hello Experts, can you please help me with the query below? We have 2 Palo Alto NGFW in high availability and currently it is being managed via panorama. recently my organization has decided to decommission old ntp servers due to some issues. They have setup new NTP servers and provided us with the new IP addresses which need to be updated ...

LDAP Authentication Profile for non-local users

Hi Team,I am trying to use LDAP as an Authentication Profile for non-local users.I am aware of guide on "Device > Authentication Settings > Authentication Profile" that states "Only RADIUS, TACACS+ and SAML methods are supported".Nevertheless, I have set the LDAP server as an authentication profile, and confirmed that authentication and au...

junghwan by L1 Bithead
  • 3301 Views
  • 4 replies
  • 0 Likes

User-ID implementation and the impact on network

We are planning to run user IDs on our PA-5200 series firewalls.I see the factors determined in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClpICAS that we have to take in account but do not see any definitive answers. We know we can control the Server Log Monitor Frequency but we wanted to get an opinion to see whe...

Resolved! How can I delete security rules from CLI?

I did a search but the commands suggested below do not work on the cli. What Am I doing wrong? I'm trying to delete 400+ rules, I have the rules in an excel workbook. I just want to prepare the command on the excel and copy and paste it to delete the rules. Its a PA5020 running version 10.1.9-h1 configure delete rulebase security rules RuleNam...

Palo Alto Cluster Upgrade

Hi All, Our current setup is We have Active/Passive on main dc and standalone fw on DR site. Configured as Cluster. It is identified that the DR site is affected by a certain CVE, and it is recommended for upgrade. But we also wish to upgrade the Active/Passive Main DC firewall. I cannot find any articles on how to upgrade an Firewall Clus...

SSL Forward Proxy Problems

Hello. I'm seeking some guidance from those who have configured this, and have it working. I'm trying to configure the SSL forward proxy feature, to decrypt web traffic. I can get this working no problems using a self signed certificate, but this is problematic for devices such as phones and tablets. I can certainly push the certificate to comp...

JDavis36 by L0 Member
  • 1857 Views
  • 1 replies
  • 0 Likes

Cant reset PA820 NGFW

Hi All I don t have the correct credentials to log into my PA 820 and resorted to resetting the device . However upon restarting the firewall , I m not being presented with the option to enter maintenance mode ( Enter "maint" to boot to main partition ) . It prompting for the login credentials instead. Any assistance would be appreciated ...

Network

Hi Team, Yesterday evening, Our device was gone down in between 4:00PM to 5:50 Pm. If we check its STS light is showing orange. We rebooted the device once but not getting any output . But after few minutes STS light shown green. confirm the RCA of the issue Note : Our firewall is working fine now. Our device is randomly gone down on Yesterd...

Data Filtering profile disappearing

I have a VM-series firewall in my lab, and I have all the licenses. I am facing a very strange issue, where the Data Filtering profile keeps disappearing and it only appears after I reload the webpage and again it disappears after I navigate to any other tab and return to the Objects tab. Any idea why it is happening and did anyone else faced th...

  • 1794 Posts
  • 60 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks