This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.
About Next-Generation Firewall Discussions
Palo Alto Networks Next-Generation Firewalls provide true, complete visibility everywhere, along with precise policy control. Ask your questions or provide insightful answers in the discussion forum specific to NGFW.

Discussions

Start a conversation

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4552 Views
  • 0 replies
  • 1 Likes

Resolved! Panorama certificates - deleted CSR

Hi all, I was processing with renewing cert for vpn on panorama. Generated CSR on panorama, get new cert from digicert. During importin new cert to panorama, by mistake I deleted generated csr. Is there any way to undelete, restore this deleted csr? I have exported csr on disk.

DaWeING by L0 Member
  • 2978 Views
  • 1 replies
  • 0 Likes

Post fixing the firewall from maintenance mode , facing issue in log forwarding

All, Recently our production PA-440 model firewall went into maintenance mode, and post rebooting it came back and all started working fine without any issue.After few minutes of firewall came up, it stopped generating and forwarding (traffic, Threat and configuration) logs to panorama.we did restart log-receiver and mgmt of the firewall , but s...

Sujanya by L3 Networker
  • 2683 Views
  • 2 replies
  • 0 Likes

Resolved! Log appearing when disabling HA Pair

Dear All, I have a question. I assumed that logs would be output on the active firewall by removing the passive firewall side of the HA configuration devices that are in operation, > at that time what kind of log is the output? (like, link downed?)> Is the log continuously output? or just only one time it appears? Thanks!

HA syn configuration

I have 2 PA-440 configure by HA,now one of FW hardware down,And I get a new FW from RMA.now I connect this new FW. When I press "Sync to peer device", it prompts me that synchronization failed. I understand because I have not imported the license to the new firewall. If I import the license into the new firewall, can I directly synchronize the a...

Zhangsx_0-1670573116908.png

User ID firewall integration with mapping server or AD

Have to enable User-ID for corporates users. Not able to locate documentation around best practices for user id. for example in my scenario. we have one domain xyz.com with 50 domain controllers to monitor. we have winRM installed on all the domain controllers. So we will be considering doing agentless user id integration. my questions are ...

Sukhmeet by L1 Bithead
  • 3149 Views
  • 1 replies
  • 0 Likes

DHCP Fail

Hello Community, I have a FW with eth0 configured as DHCP client and it gets IP, no problem. But then I see lots of DHCP Fail system messages between lease renewals: Are these normal? Thanks!

2022-11-28_16-22.png
Alex_S by L1 Bithead
  • 3847 Views
  • 4 replies
  • 0 Likes

Certificates duplicated from Primary to Secondary firewall in Palo alto

Hi All, We have 2 Palo alto firewalls in HA mode (Active-standby). Palo alto mode: PA-3220 OS Version: 10.1.6-h3 We create Unique certificates (for management, interdevice) in each firewall with hostname. After some time, the certificates in secondary firewall gets removed and the certificates from primary firewall are copied into secondary ...

SSL Decrytpion not working consistently on MAC's

We just installed SSL decryption ( not self signed) across our PANs. It is working fine with Windows workstations at office and at home. However, with MAC machines it is working inconsistently when at home and connected to global protect. Some sites it's picking up the SSL decryption cert while for others it wasn't. I have already tried to upg...

Resolved! Cisco Twice NAT

I am working a migration of a Cisco ASA Firewall to Palo Alto and the NATs are confusing. Here are a couple of the NATs: (Outside) to (Vendor) source static 10.5.1.0/24 10.5.1.0/24 destination static (10.24.49.47 & 10.24.49.46) (10.24.49.47 & 10.24.49.46) (Outside) to (Outside) source static 10.160.100.100 67.91.127.197 destinati...

PAN User-ID Agent

Hi All, I installed User-ID Agent on the Windows DC, and it is working somewhat successfully. For some odd reason it recognizes the users from our domain but on the app's monitoring tab, where I can see the IP-User correlations, sometimes the users are identified like this: domain\user and sometimes like this user@domain.com Sometimes the ...

  • 1589 Posts
  • 60 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks