This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4518 Views
  • 0 replies
  • 1 Likes

Question about REST API in PAN OS

Hi everyone, I have a question about REST API in PAN OS. 1. When a query is generated using rest api in pan os, what is the process/daemon that handles this task? And how can I check it (from CLI or GUI)? 2. How many CPU/memory resources are consumed (used) when processing REST API queries? 3. If I want to use REST API, what should I con...

Generate Certificate to be Signed by Public CA for Global Protect VPN

Hi All, We would like to use our GlobalProtect VPN using certificate signed by Public CA. As the CA team is requesting to generate CSR from Palo Alto Firewall , can I follow below article to generate? https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClSxCAK And we have two ISPs connected to PaloAlto Firewalls and we ...

EvanRaci by L1 Bithead
  • 2938 Views
  • 2 replies
  • 0 Likes

Service Route in Palo Alto | Role based authentication | Running & Candidate configurations | Backup configurations

In our series of Network Security from Basic to advanced theories & practical discussion, today is below target What is the Services Route & how to configure it Role base user management, authentication & creating users to assign rights, etc. Running & candidate configurations Configuration Management What is Service Ro...

ReadTech_1-1689676777261.png
ReadTech_0-1689676736116.png
ReadTech by L1 Bithead
  • 1285 Views
  • 0 replies
  • 0 Likes

Resolved! PA-415 Multiple interfaces into one VLAN

Hello ALl, I am hoping somebody can help with my configuration as I seem to be stumbling and hitting a brick wall the whole week. The firewall is a PA-415 running SW 11.0.0 Ethernet 1/1 is set as a WAN interface. Ethernet 1/2 = no configuration Ethernet 1/3 = no configuration Ethernet 1/4 = 192.168.4.1 / 24 [Set as default LAN, layer 3] Ethern...

Custom URL filtering policy

we created two custom policies where some listed URLs or domains will allow on specific workstations and others will be denied. After implementing these policies we found that listed allow list URLs or websites can be accessible but end users only can see the website content without Images. We had a support call with PA team but didn't resolve t...

a_Islam by L0 Member
  • 1792 Views
  • 3 replies
  • 0 Likes

PA-820 Interface configured but down

As the title states. I have an interface on PA-820 that shows "configured but down". This is really silly but I know the interface was "switched off" by another network admin. Under Advance --> LinkState is set to Auto already. There is some other setting that put the interface in a non-workable state which I just cannot find it.

ITBrute by L0 Member
  • 5053 Views
  • 3 replies
  • 0 Likes

System Alert opaque: failed authentication for user ''. Reason: User is not in allowlist. auth profile 'GP', vsys 'vsys1', From: "public IP"

Hi, I've been receiving many system alerts with the message: opaque: failed authentication for user ''. Reason: User is not in allowlist. auth profile '', vsys 'vsys1', From" "Public IP" eventid: auth-fail It looks like these public IP's are trying to access our internal network by coming through Global Protect App. Coming from many differ...

roma by L2 Linker
  • 4752 Views
  • 1 replies
  • 0 Likes

Zone types | Interface Types | Tap mode | Virtual wire | Firewall Migrations

The series of IP Network Security from Beginner to Expert Both conceptual & Practical, has some fundamental topics we already covered in previous articles, today we will explain below topics Interface & Zone Types L2/L3 and Tap Virtual Wire & Tunnel In our previous posts, the definition & types of...

ReadTech_0-1688652710161.png
ReadTech by L1 Bithead
  • 2810 Views
  • 0 replies
  • 0 Likes

Many system event about "ha2-link-change" that made HA2 status was down from 23:02:35 (19/Nov/2022) until 17:29:11 (20/Nov/2022) ,HA2 status is Up

Hi Guys, During weekend I found many system event about 'ha2-link-change' on Firewall event that was generated more 1400++ events/periods and send more email notification.This events was occurred for 2 periods that made HA2 status was down from 23:02:35 (19/Nov/2022) until 17:29:11 (20/Nov/2022) ,HA2 status is show Up .First time at 23:0...

Jirapan by L1 Bithead
  • 2875 Views
  • 2 replies
  • 0 Likes

Resolved! Palo Alto GlocalProtect VPN

Hi All, Currently, we have Palo Alto global protect VPN client ver 5.x. Can we upgrade to VPN client 6.2 directly from version 5.x? Also, does VPN client 6.2 supports PAN-OS 9.1.16? (This is the machine we are running GlobalProtect Portal and GlobalProtect Gateway)

  • 1795 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks