This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4593 Views
  • 0 replies
  • 1 Likes

Resolved! DUO MFA popup twice for approval login GloablProtect

We configured PA 850 firewall to use DUO for GloablProtect MFA. It works. However, we have an issue. In GloablProtect Gateway Configuration>Agent>Client Settings, if I add a user, for example blin. it works fine. If I add a AD OU, for example Employees, the login user will get two DUO aoorval popup twice. From the DUO Authentication, I...

boblin_0-1683769185596.png
boblin_1-1683769394673.png
boblin by L2 Linker
  • 4403 Views
  • 4 replies
  • 0 Likes

Resolved! problem to download files from Dropbox

We have added dropbox.com to OBJECTS>Custom Objects>URL Category. We can login dropbox online. However, can't download files with these errors: .pdf files are supported but something went wrong or There was an error downloading your file. Any help?

boblin by L2 Linker
  • 5513 Views
  • 4 replies
  • 0 Likes

Resolved! Authentication Sequence problem

I configured DUO Proxy for GloablProtect MFA redundancy on our PA 850 firewall using Authentication Sequence. This post shows how I configured: Configure two duo proxy servers for Palo alto firewall MFA redundancy – Net/PC How to (howtonetworking.com) The problem I have is when the top Authentication profile or DUO Proxy server is down, then t...

boblin_1-1683767742215.png
boblin by L2 Linker
  • 4159 Views
  • 2 replies
  • 0 Likes

New VPN effects on existing VPNs

I am very new to Palo Alto administration, having been a Checkpoint guy at my previous job. At my new job I am tasked with creating a new IPsec site to site VPN with a vendor on our perimeter firewall. There are already several other VPNs running. My question is, when I set up the new VPN, will it have any effects on currently running processes,...

URL Encording issue

I am using URL Block Page.However, there is a part where the & part appears as %26 in a specific URL. ex. I entered abc.d/&uid=B5C61D407 in the browser, but it appears as URL:abc.d/%26uid=B5C61D407 in the block page. Why is this and what can be done to fix it?

WooBak by L0 Member
  • 1481 Views
  • 1 replies
  • 0 Likes

migrating ASA to Palo alto with inline deployment

We are planning to migrate firewall from ASA to Palo Alto . Instead of performing hot cutover , we will install the Palo Alto firewall in-line along with existing ASA firewall using virtual wire interface type. Since we have many security zones on ASA and there are policies to allow access between zones, where can i place the new firewall and ...

Bkrishnamoorthy_0-1683291233455.png

Attempt accessing the active and/or passive firewalls fails with the error "fork failed: No space left on device"

Dear and valuable Live Community Members, I'm wondering if anyone has an issue when trying to access the MGMT interface off the active and/or passive firewalls and getting the error "fork failed: No space left on device" We were never able to access the firewall and in the end, we rebooted both devices to be able to access the management int...

Post OS Upgrade for PA-5220 from 9.1.4 to 10.2.3-h4 Users Started Experiencing Issues with Accessing MS Office 365 Applications Internally

Hi There, Recently, we upgraded the OS on our PA-5220 from 9.1.4 to 10.2.3-h4. Immediately after we upgraded to 10.2.3-h4 our helpdesk began receiving calls from users reporting that they cannot get logged into MS Office365 Applications, it'll never bring them to the MS prompt to input their Office365 email/password it'll just say "Can't reach...

Krystin by L0 Member
  • 2013 Views
  • 1 replies
  • 0 Likes

DNS resolution for management interface not working after upgrade to 10.2.3

Since upgrading our firewalls from 10.2.2-h2 to either 10.2.3 or 10.2.3-h2, any DNS resolution from the management interface is failing. Attempting to ping an FQDN from the CLI results in "ping: cnn.com: System error". I confirmed that the DNS servers configured in Device -> Setup -> Services and the management interface settings in Device...

sskannan by L1 Bithead
  • 5001 Views
  • 2 replies
  • 0 Likes

Trying to connect two separate networks that share the same IP addresses to a third networking using virtual routers and NAT on PA-440

We have a bunch of separate video networks that are separate, but use the same IP address space for each. Each is connected to their own dedicated switches and is attached to a couple of hundred cameras and a DVR. We would like to connect these networks to a Palo PA-440 and use virtual routers to accomplish this. Right now I have only two VRs co...

Resolved! WF

Hi guys, Besides Monitor - Logs - Wildfire Submissions, where else must we check whether Wildfire is working? Thanks All.

tinhnho by L3 Networker
  • 3909 Views
  • 4 replies
  • 0 Likes
  • 1586 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks