This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4514 Views
  • 0 replies
  • 1 Likes

Check whether PA-220 has already been registered

Hello All, Is there a simple way to check whether a PAN device has been registered before? I bought a supposedly unregistered PA-220, however I would like to know if the device has really not been registered before. Unfortunately there doesn't seem to be a support email address for Palo Alto, and creating a support account requires registering a...

SAML Integration with Local Authentication

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-saml-authentication If the option 5 in step 3 on above KB is mandatory? Therefore, must the firewall use its own certificate to sign messages where is the public certificate is installed on the Idp? will the SAML Integration succeed if no local certificate is se...

Resolved! Parked domain blocked when traffic not decrypted - Custom URL categories not checked with encrypted traffic

Hi, I have an issue while trying to whitelist a parked trusted domain https://centaur-horizon.eu/. The traffic hits a rule with a URL filtering that has Parked set to Blocked but it also has a Custom URL Category called allow-Baseline as Allow and includes the parked domain. At first, the exception seemed to work but later we realized that for u...

IPSec Tunnel goes Down After Few Minutes

hi All, I am facing a strange issue with IPSec tunnels built on Palo Alto firewalls. Scenario: 1. On both ends we have Palo Alto firewalls(various models PA-220, PA440, PA-3220, PA-VM(AWS)) 2. Public IP addresses of both ends are always reachable. 3. Tunnel lights always look GREEN. 4. Routing also is in place, either with Static or OSPF rou...

PAN-OS 11.0.1 Review Polices Link

Hi All We are running pan-os 11 as a POC and have noticed that the "Review Policies" Link in applications and threats section does not appear to work, the review apps does and all new apps are correctly displayed but the Review Policies link from here also does not work.

Resolved! Selecting Appropriate Security Profile

I am planning to make a group profile of security profiles which include, Vulnerability protection , antivirus , anti spyware and wildfire analysis profile. I am planning to provide same group for every policy in firewall. I have few questions on this approach. 1. Is this a good practice , Do calling this group for every policy will increase fir...

Aaida by L1 Bithead
  • 2076 Views
  • 2 replies
  • 0 Likes

Multiple CDL instances in the same region

Hi Guys, Can one CSP account have multiple CDL instances in the same region for Firewall Log Service. Use case is the user want to separate logs of different firewalls to different CDL instances. And eventually, also to have multiple AIOPS instances in the same region to associate with each CDL instances accordingly. Example: Firewall 1 to ...

PAN-OS HA Clustering and Integrated management and logging

Hi, I have questions about PAN-OS HA clustering and management First, I read the document "HA Clustering Overview - PAN OS Admin Guide". and I was able to confirm about HA Clustering. However, there is a part in the HA Clustering part of the PAN OS Admin Guide that I do not check or understand, so I would like to ask a question about it. 1....

Resolved! commit failed custom url category exceed shared capacity

Hi, I have an issue about commit failed When upgrading the OS from 9.1.12 to 10.0.0, auto commit is not possible due to the following error. : error:Number of custom-url-category/external-url-list(51) exceeds shared capacity(50) : After restoring to 9.1.12, commit is possible, and the number of shares of Custom URL Category of 9.1.12 and 10.0....

Resolved! Client ikemgr phase 1 failure

Dear All, Below is summary of issue and resolution. 1. We added a new firewall to HA set-up. 2. HA was established properly. 3. While doing config sync from active to passive it was falling with error Client ikemgr phase 1 failure Resolution: Upon deep dive it was figure out that Master key between Active and passive firewall is mistmached...

Any upcoming PCNSE Exam Vouchers?

Hello Palo Alto Community! I hope this post finds you all in good health and high spirits. I'm reaching out to inquire about the availability of any upcoming PCNSE (Palo Alto Networks Certified Network Security Engineer) exam vouchers. I'm currently preparing for the PCNSE exam and would greatly appreciate any information regarding voucher relea...

  • 1794 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks