Long story short, we purchased a Palo Alto 3260 to replace our ASA 5585. I'm looking into the best method, and easiest method to transition from our old device to the Palo. This tool looks like it would be a great option, but we do not have an Ubuntu server to use. We also cannot install an Ubuntu server, as that was already denied when asked.
Is there a way to get this installer to work on my Win10 machine?
If not, is there another method that I could use to transition from my ASA to the Palo?
The short answer is no there is not a supported way to run it on a windows 10 machine. However if you are familiar with docker and have the ability to run hyper V on your windows 10 machine you can always run it within a container, this is not a supported method but some people have discussed it on the forum ( https://live.paloaltonetworks.com/t5/expedition-discussions/docker-container-for-expedition/m-p/2907... ).
I hope this helps but as stated above it is not supported.
Thanks for the response.
Minus the migration tool, what is the best next step? Would a SPAN port be feasible to capture the data going through our ASA? Does the Palo build rules as part of the SPAN?
That I know of no the PAN will not build rules based off of what it sees over the SPAN port. Your best bet would be to export what you see in the traffic log and craft security policies around it probably but its quite the manual process.
That's correct. Expedition does not build rules based on traffic other than from a PANOS device, and via the traffic logs.
Regarding how to install Expedition in a Windows 10, I would say that the simplest option would be to run the current Expedition on a VMWare player.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!