Configure the Firewall General Settings

Next-Generation Firewall

Configure the Firewall General Settings

Table of Contents

Configure the Firewall General Settings

Configure and specify the general firewall management settings.
Contact your account team to enable Cloud Management for NGFWs using Strata Cloud Manager.
Where Can I Use This?
What Do I Need?
  • NGFW (Cloud Managed)
  • VM-Series, funded with Software NGFW Credits
  • AIOps for NGFW Premium license (use the Strata Cloud Manager app)
After you successfully onboard your firewall to cloud management, you have the option to configure and specify the general firewall management settings. Configuring the general settings for a firewall isn’t required but is recommended. You can configure some or all of the firewall general settings as needed.
  1. Log in to cloud management.
  2. Select
    NGFW and Prisma Access
    Device Setup
    and select the Configuration Scope where you want to configure the general settings.
    You can select a folder or firewall from your
    or select
    to configure the general settings in a snippet.
  3. Click the cog wheel to edit the General Settings and
    If you modified the General Settings for a nested folder or individual device, you can
    Revert to Inherited
    to revert the General Settings configuration from the
    configuration to that inherited from the parent folder of the nester folder or that inherited from the folder the firewall is associated with.
  4. Enter the network
    domain name for the firewall (up to 31 characters).
  5. Enter text to display in the
    Login Banner
    on the firewall web interface login page (up to 3,200 characters).
    ) Check (enable)
    Force Admins to Acknowledge Login Banner
    to force administrators to select
    I Accept and Acknowledge the Statement Below
    when logging in to the firewall web interface. This forces local firewall admins to acknowledge the login banner before they can log into the firewall web interface.
  6. Select or create a
    SSL/TSL Service Profile
    to specify a certificate and the SSL/TSL protocol settings allowed on the management interface.
    The firewall uses this certificate to authenticate to administrators who access the web interface through the management (MGT) interface or through any other interface that supports HTTP/HTTPS management traffic. If you select
    , the firewall uses a predefined certificate.
  7. Select the
    Time Zone
    where the firewall is located.
  8. Select the
    where the firewall is located to specify the language for PDF reports generated locally on the firewall.
  9. Enter the
    -90.0 to
    90.0) and
    -180.0 to
    180.0) of the firewall.
  10. Check (enable)
    Automatically Acquire Commit Lock
    to automatically apply a commit lock when you change the candidate configuration.
    Enable this setting so that other administrators can’t make configuration changes until the first administrator commits their changes.
  11. Check (enable)
    Certificate Expiration Check
    to instruct the firewall to create a warning message when on-device certificates approach their expiration date.
  12. (
    VM-Series firewall only
    ) Check (enable)
    Use Hypervisor Assigned MAC Addresses
    to have the VM-Series firewall use the MAC address that the hypervisor assigned, instead of generating a MAC address using the PAN-OS custom schema.
  13. Check (enable)
    Tunnel Acceleration
    to improve performance and throughput for traffic going through GRE tunnels, VXLAN tunnels, and GTP-U tunnels. This option is enabled by default.
    If you disable or reenable Tunnel Acceleration and commit, you must reboot the firewall.
  14. Save
  15. Push Config
    to push your configuration changes.

Recommended For You