This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4593 Views
  • 0 replies
  • 1 Likes

Lost NGFW PA CLI superuser password

Hello. I have a question and I don't know if someone could help me with it. I have 2 users on the Palo Alto firewall is a PA220 One of them that CLI superuser and I don't remember the password The other one I have access to is admindevice but it won't let me create users via the GUI I have tried to take a copy of the firewall configuration,...

ccortijo by L2 Linker
  • 2650 Views
  • 4 replies
  • 0 Likes

PA-3430 Oracle Session Drop

We have multiple application servers that need to go through the firewall to access different oracle database servers, but after the recent replacement of the PA-3430, one of the application servers accessing the Oracle database session is unstable, and the other application server accesses other Oracle database servers through the firewall. Suc...

Global Protect Satellite over 2 ISP's

Hi, We have multiple branches connecting to a data center via Global Protect satellite connections. This works perfectly fine. We've now started installing redundant Internet links but I'm experiening issues with the GP Satellite config. Obviously, when you configure the Satellite IPSec tunnel, you need to specify the interface from which you...

rudiGQ by L0 Member
  • 1912 Views
  • 1 replies
  • 0 Likes

Resolved! Can't define Forward Trust certificate

Hello, We have a new firewall, PA-460 model. The panos version is 10.2.4-h2. I have a problem for define the Forward Trust certificate for the decryption. The certificate i want to declare for Forward trust is a root certificate of our domain. I import the certificate with is private key in pkcs12. When i check the case "Forward Trust Certifi...

CHARRIER by L2 Linker
  • 3722 Views
  • 5 replies
  • 0 Likes

Allowing only low-risk of a url category

Hello everyone, I have a requirement to adjust security policies in a way that only "white list" logic is enabled, and for one specific rule I have to allow only the low-risk category of given url category, for example training-and-tools, and not high-risk and medium-risk. However, the rule should not block the medium and high risk of trainin...

Shams.G by L0 Member
  • 3602 Views
  • 3 replies
  • 0 Likes

BGP peeering

Trying to setup a Two BGP session with 2 separate routers that provide internet access.The 3 devices (PA, router1 and router2) share the same network 10.9.9.0/25.BGP session 1 : PA <--> Router1BGP Session 2: PA <--> Router2the two sessions seems working fine when activating them individually, however when trying to establish the 2 se...

Resolved! UserID to be used in security policy - FW not offering user/group list

Hi, I have problem with User-ID not being selectable when creating/editing security policy rule. Setup is as followed: branch firewalls connected to Panorama Firewall 3400 with 10.2.4 software LDAP server configured Authentication profile configured Included groups in "user identification" configured User-ID configured (i am seeing domain\u...

szi7443 by L1 Bithead
  • 3480 Views
  • 5 replies
  • 0 Likes

Can we create a rule to match only the selected application without selecting WEb-Browsing dependency

Dear All, I need a community advice, we are migrating all our Firewalls from Checkpoint to Palo Alto. First Palo Alto was implemented 2 weeks ago, a PA 3420 version 10.2.4-h2 We are trying to transform the imported rules into Palo alto style. For example I want to create a rule to allow only access to "TeamViewer" application for some comput...

Resolved! GlobalProtect Portal provides 404 message

Best regards Team We upgraded a 3250 device from version 10.1.10 to version 10.2.4-h2. Once we performed the update, a problem arose with the GLobal Protetc portal, since if we look for it in the browser the message provided is 404 not found (see image). However, the ping to the portal is successful, likewise, if users try to connect from the VP...

Resolved! Flat Network across PA-415

Hello All, I have spent ages and days and a few weeks setting up a PA-415 to work with a group of LAN ports into one network set into a VLAN configuration using the on-board DHCP server. One of the engineers in this forum assisted me extensively and helped me build the settings. I found this idea/solution in this community and the only way to gr...

Ghost session after VPN down/up

Hello, I have an issue with many sites working with PA440 series. When the tunnel VPN fail down and comes up, some devices like printers, phones and access point can't connect normally to the network until that we clear old session related to the affected device. In printer we have job blocked and offline, access point also offline. Once we cl...

Mamoudou by L2 Linker
  • 2564 Views
  • 2 replies
  • 0 Likes
  • 1586 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks