This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4554 Views
  • 0 replies
  • 1 Likes

Routing client vpn over site to site tunnel

Hello everyone, I’m new to palo alto and I have the following problematic that I couldn’t solve. I have PA Firewall in my local site and it’s configured to allow site to site connection to a remote branch which works perfectly. In addition, I’ve set up client to site (to local site) connection and it works perfectly, I can reach all the resource...

John19 by L0 Member
  • 2070 Views
  • 1 replies
  • 0 Likes

Log Collector status", it gives me "Error"

Hello All, From the device-Setup-Management tab, there is "Logging and Reporting Settings". And when I click "Log Collector status", it gives me an "Error" The FW is connected to Panorama and it gets shared policies and objects and it seems like forwarding logs. What is the error indicated in firewall. Kindly suggest on this.

SunilduttJ_0-1672310556548.png

VPN Phase 2 Tunnel stuck

Hi, We have multiple S2S VPN with many vendors but facing issue with Fortinet. On our side we observe Phase 2 tunnel is up and packets are going out through Tunnel interface but no reply. Other party saying no issue on their end but once we restart that Phase 2 Proxy id, it starts working. Just to inform you that we have multiple Proxy ids. a...

ISG-JHAH by L0 Member
  • 3501 Views
  • 3 replies
  • 0 Likes

VM not working in Vmware 6.7

Hello, I am getting desperate :(. I am totally new in PA, this was supposed to be my first VM to lab and play with it. Anyway I have credits and I have OVA file. When I try to deploy it in Workstation on my local PC, it works. When I use the same OVA in our lab environment With VXLANs a Vmware 6.7 (NSX). Its not working at all. I am not able t...

JLoukota by L1 Bithead
  • 2977 Views
  • 3 replies
  • 0 Likes

Resolved! NGFW Telemetry Uploads Failing

We have been receiving critical alerts saying telemetry uploads on all of our NGFWs from all locations are failing since just past midnight EDT last night. The most relevant parts of the alert are: type: SYSTEMsubtype: device-telemetryeventid: send-failedobject:fmt: 0id: 0module: generalseverity: criticalopaque: Failed to send: file 'PA_&l...

KMcKenna by L2 Linker
  • 39145 Views
  • 12 replies
  • 1 Likes

PaloAlto does not pass through itself a request for AD

Hi !I have problem with connection PC to AD between which stands PaloAltoPC 192.168.10.10AD 192.168.30.40 (loc.lab)pings go from PC to AD 192.168.30.40 (loc.lab) and return successfullypings go from PC to loc.lab (192.168.30.40) and return successfullyBut when I try to connect a PC with a local account enter into the domain i get   when i t...

1PC.jpeg
1PC.jpeg
2PC.jpeg
PA_Metwork_InterfaceMgmt.jpeg

Automation of partial config load from xml

Hello, TL;DR : I use PA-VM 10.0.4 and paloaltonetworks.panos 2.12.2 galaxy ansible modules. Do you know a way to automate a partial config load from xml ? Ideally using ansible but maybe using API or python ? I tried several things with ansible, none of them are working. Ultimately I'd like to automate the use of this command, which is OK wi...

r000m5 by L0 Member
  • 2258 Views
  • 1 replies
  • 0 Likes

Resolved! I need routing between two internal networks

Hi ! I have a problem with setting up a static route between two internal networks. There is a networks 192.168.10.0/24 192.168.20.0/24 192.168.30.0/24 I want to ping between PC1 192.168.10.30/24 PC2 192.168.20.31/24 I can't figure out what I'm doing wrong Considering that machines from the inside have access to the Internet

1PC.jpeg
2PC.jpeg
PA_Network_VR.jpeg
PA_Network_Interface.jpeg

Threat ID 54532

Anyone have any experience dealing with Threat ID 54532? VBScript Obfuscation. See the offenses/detections but find nothing on the hosts source or destination that reflects a vbs script. Its all internal traffic. Could it be some other traffic that is getting incorrectly labeled as VBS?

Detection logic in content update

Greetings All, can you explain what is the meaning of the below when we receive new contents updates : "improved detection logic to cover a new exploit" "improved detection logic for decoder updates" "improved detection logic to address a possible fp issue" Thanks

Resolved! Absolute domain ending in .txt

HI all, i received from an external provider a .txt list to block in my palo alto. The list is not exactly a file ,is an absolute domain,i mean is like www.test.com/blacklist/domain.list.txt. This will be a dynamic list,so is there some way to save this domain as object in palo alto,adding to a policy,and palo alto will update automatically as f...

MGMGMG by L1 Bithead
  • 2779 Views
  • 3 replies
  • 0 Likes
  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks