This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4600 Views
  • 0 replies
  • 1 Likes

Log Subtype

Hi All, I need some information on checking the logs. I see few things like END, DENY, SPYWARE, INFORMATION etc and in the action we see it as allowed. But the access will not be working. May i know what this Log Subtype means and what information will it give us in troubleshooting? When it says ALLOW as action then why in Subtype it is Deny. Ho...

Webex issue with Mobile Users

Hi All, We are facing weird issues with Mobile users accessing the Webex Phone Services. Wifi users connecting to laptop doesn't face any issues. But when the phone is connected to Wifi users are unable to access Webex Phone Services. Not really sure if anything additinal needs to be done for mobile users accessing webex. Users on Android gettin...

Palo Alto Networks next-generation firewalls Threat prevention signatures

Hello. Please currently i'm studying the Palo Alto Networks next-generation firewalls Threat prevention module, and 'm interested in the list of the available signatures (description, severity ranking, Threat type, ). I found that threat vault can give this informations : https://threatvault.paloaltonetworks.com/ but for that we need to provid...

lonis23i by L1 Bithead
  • 4861 Views
  • 7 replies
  • 0 Likes

Unable to create a support account

I want to register one new PA-220 firewall. I need to create one Palo Alto support account, however, I failed to create it. 1. I input my email address 2. All contact information 3. Serial Number of the PA-220 firewall 4. Order Number. I purchased it on eBay, I input the Order Number on the Invoice from the seller. After I submitted the applic...

Firewall servicing as UserID Client - limit

Good Morning, Searching for a PA doc I found a while back and my google-fu is failing me. Looking for the documented limit of clients who can connect to a PanOS device acting as a redistribution agent. I'm positive I saw 1000 at one point a few years ago, but unable to find it again. Command query to see current CLIENTs firewall 1000 is ac...

After an upgrade to version 10.2.3 h4 I got this message: 2023/03/08 20:52:23 info     general        general 0  Received conflicting ARP on interf

After an upgrade to version 10.2.3 h4 I got this message: 2023/03/08 20:52:23 info general general 0 Received conflicting ARP on interface ethernet1/4 indicating duplicate IP 172.16.0.1, sender mac 00:50:56:92:cd:0c And this address is for the other peer . The firewall is a VM300

No DPD message while peer tunnel is down

Problems with IPSEC VPN tunnel between PAN FW PLWALFWxx and the BlueCoat datacenters (Amsterdam, Frankfurt) DPD does not seem to work. Extra Information: PLWALFW = PANOS 10.2.2.h2 INTERNET FW = PANOS 8.1.x We have IPSEC tunnels between our PAN FW and BlueCoat Datacenters. BlueCoat were doing maintenance on their datapods last week. DPD on ...

Resolved! Allowed SSL traffic reporting as policy-deny

We have a decryption rule to allow user internet access over SSL. Access to LinkedIn was working until 2 days back we started getting certificate error with validity expired. All users accessing the internet use the same CA signed certificate with no issues. I have attached the logs showing access permitted but the session end reason is policy-...

How to Test a Vulnerability Protection Rule

Hello Everyone, I have a use case that I’m trying to test in a lab, but I can’t figure out how to perform the test, and I’m looking for guidance. My use case is to drop traffic if the firewall detects certain CVE vulnerabilities in the traffic. My question is, how can I actually test this if my test endpoint is not vulnerable, or I do not know...

LDAP Integration with Redhat IPA in Palo Alto Firewall

Dear Teammate, How can I integrate with the LDAP feature of RedHat (IDM) IPA server authentication on Palo Alto Firewall, I tried to configure in Palo Alto LDAP configuration setting as the documents reference by official site but it's not working, Palo Alto to IPA Server is reachable connection and related port are already open in RedHat and ...

Certificate

I have two expired certificates that have expired. I am new to the position so i am still learning how everything is setup here. We have 4 total certificates. Two of which are expired. One of the active certificates is for our VPN but I am not sure what the other 3 are used for. Can you help pls. I am trying to figure out if I need to renew the ...

hmrjason by L0 Member
  • 1681 Views
  • 2 replies
  • 0 Likes

Integrating 3rd Party feeds in Palo Alto firewall for blocking IOC's

We would like to know if we can integrate 3rd Party feeds in Palo Alto firewall for blocking IOC's automatically. Generally we seen people integrate Open Source threat intel with SIEM etc with Virus total and IBM Xforce xchange https://www.dshield.org/block.txthttps://blocklist.greensnow.co/greensnow.txtOpen source threat intel to block IOC's au...

  • 1587 Posts
  • 61 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks