This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4510 Views
  • 0 replies
  • 1 Likes

Migration assistance PA-5050 to PA-3420

Hi, I need assistance replacing a firewall cluster PA-5050 and standalone panorama by a firewall cluster PA-3420 and a cluster panorama. Actually the firewall cluster PA-5050 and standalone panorama are in production. The templates network is manage in locally PA-5050 and the devices group is manage by panorama. The new cluster PA-3420 is UP b...

Active/Passive FW with Primary/Backup ISP

Hi My ISP will provide an Internet access with primary access and backup access. We have an HA Active/Stand-by firewall. The primary Internet access will be directly connected on active FW and the backup Internet access will be connected on interface on stand-by FW as showing in the following diagram. My questions are : - How I must configure ...

jeromecarrier_0-1696920457143.png

Mitigation for DHCP Starvation attack in shared network zone (e.g.Eduroam)

Hi everyone, Is there anyway for us to utilize Palo NGFW to prevent or mitigate DHCP starvation attack. For example, a user's BYOD device is infected with malware, after authenticated with eduroam network, the device start performing DHCP starvation attack without the user even realize. I have tried looking online for solutions, there's re...

LuckyLau by L1 Bithead
  • 2108 Views
  • 1 replies
  • 0 Likes

IPsec VPN to tunnel public IP

We have requirement where client is wants to access internal resource over IPsec. Resource already exposed to internet and has public IP IP x.x.x.x, can the client access the x.x.x.x resource over IPsec and the same IP x.x.x.x will be available for the rest of the world over Internet?

sharink by L1 Bithead
  • 1146 Views
  • 1 replies
  • 0 Likes

Resolved! Threat prevention license and logging

I have a question:When my threat prevention and support license expires, can I still use the signatures version at the time of expiration? And on the firewall, I can still see the threat logs and traffic logs that match the threat profiles, right?

PAnh by L0 Member
  • 1929 Views
  • 1 replies
  • 0 Likes

Need help for account license

Hi All, My organisation purchase two quantity of PA-800 series firewall and associated license also. Problem is we have not received any account creation mail from OEM to register the devices and linked purchase licenses. Should palo alto provides evaluation license without registeration ? so that we can atleast bring the device into Network m...

PA - 3220 Secondary box Tech support file.

Hi expert, we are trying to Generate the Tech support file using Cli. The TSF file generated but file is not same as we are extracting from GUI. The File size is only two Mb. GUI response is very slow we are not able to generate the tech file. Thanks for your kind help== zip file is attached below

Resolved! Network Security

We have a one customer who is using URL Filtering . The customer is unable to access chat GPT Website . We have tried to change the URL profiles but still unable to access. We have checked the URL Filtering action should allowed but still unable to access. we have tried all possible ways. Kindly help me what should be done here. Regards S...

PPPOE authentication with Plusnet FTTP not working

Hi I wonder if someone can help with this issue, it's a weird one I have a PA-220 firewall connected directly to the ONT provided by BT and I am trying to get FTTP broadband working using PPPOE, the interface on the PA-220 that is connected to the ONT (ethernet 1/1) is configured to use PPPOE however the interface does not obtain a public IP add...

withers by L0 Member
  • 3489 Views
  • 1 replies
  • 0 Likes

Resolved! Create security policy & move to top at a time

When I create a security policy it goes bottom of the list. Is there any way that I can create the security policy it will go top of the list? I am using the below command.set device-group devicegroup-name pre-rulebase security rules rule1 from trust source any to untrust destination any application any service any category any action allow log-...

ssovee by L2 Linker
  • 2908 Views
  • 4 replies
  • 0 Likes

Having issues with ipsectunnel after upgrading FWs(5260s) to 10.1.3

Hello Palo Community! I have a a couple of ipsec tunnels connecting to a cloud vendor providing ERP services to our users. Since we upgraded our FWs to 10.1.3 a couple of weeks ago from 9.1.10, we are having issues with connection slowness, timeouts, ssh session termination, webpage not available etc where users aren't able to connect to any s...

JJoseph by L1 Bithead
  • 4372 Views
  • 2 replies
  • 0 Likes
  • 1794 Posts
  • 60 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks