This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About laurence64

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
laurence64
‎05-14-2024
since ‎11-28-2020
L4 Transporter
User Activity
User Profile
Latest posts by laurence64
View All
User Badges
Community Statistics
Member Since ‎11-28-2020 12:38 AM
Date Last Visited ‎05-14-2024 06:43 AM
Posts 157
Total Likes Received 24

Re: Temporarily disable SSL decryption

by in General Topics
‎05-14-2024 02:51 AM
‎05-14-2024 02:51 AM
Hi @JayGolf    That is a good point, so I cleared the CACHE on the browser as the cert can sometimes get stuck there and in the end used a private browser but still decrypted, it was only when I disabled the decryption rule that the traffic was no longer decrypted, but to be fair I did not clear the sessions on the firewall, I will give this a try later today as an experiment, as far as I am aware there are no issues with the command so you are right it should work.   Thank you for replying so quickly! ... View more

Temporarily disable SSL decryption

by in General Topics
‎05-13-2024 03:48 AM
‎05-13-2024 03:48 AM
Hi   I was wondering if anybody knew if the temporary disable SSL decryption is actually broken or it is my firewall, I needed to switch it off as I was having issues getting to sso.paloaltonetworks.com (which oddly is not covered by exclusion list) and found that even after running the command set system setting ssl-decrypt skip-ssl-decrypt yes, the traffic was still decrypted, I had to disable the rules and commit to stop the firewall from decrypting, I was hoping to avoid this as it is a PA-220 and takes an age to commit configs, if anybody has any ideas please let me know, I am currently running 10.1.12   Thanks in advance, ... View more

Re: ACC shows ipv6 addresses in source/destination IP

by in General Topics
‎04-10-2024 01:23 AM
‎04-10-2024 01:23 AM
For what it is worth we recently deployed 5450's running 10.1.x the issue did not show up there.  ... View more

Re: Strata Sales training guide

by in Next-Generation Firewall Discussions
‎01-25-2024 09:53 AM
‎01-25-2024 09:53 AM
There is quite a lot of sales related material on beacon, if you have access to this. ... View more

Advanced Wildfire Allowing High Severity Verdicts but blocking Informational

by in Next-Generation Firewall Discussions
‎01-11-2024 02:11 AM
‎01-11-2024 02:11 AM
Hi   I have Advanced Wildfire in our Lab env and have noticed something very odd, when the firewall is submitting any files to Wildfire if they are returning "informational" they are blocked, if they are returning Malicious and "High" the action is allow, this has also been confirmed by the fact that the samples of Malware are being blocked by the Windows defender running on the test desktop.   I have configured decryption and allowed the forwarding of decrypted traffic ( I assume that the submissions would not show if this was not working correctly ) and have confirmed that the traffic is running across the defined rule and that rule has the Wildfire and Anti-virus profiles that are set to reset everything, this is very strange behavior and I am hoping that it is an omission in my configuration somewhere.   Additionally this does not seem to matter if the session is http or http2   Any help would be greatly received as this has me scratching my head at the moment.   Thank you in advance,   ... View more

Re: Expedition is not accessible through Web GUI

by in Expedition Discussions
‎10-24-2023 10:27 PM
‎10-24-2023 10:27 PM
Hi @dpuigdomenec    Sorry for the late reply and thank you for your response, I am fairly sure that I covered most of the points, but possibly not all, I will try and install again making sure that all your above points are addressed, I am sure there will be something I missed somewhere in there! Will update with my progress, thank you again! ... View more

Re: Expedition is not accessible through Web GUI

by in Expedition Discussions
‎10-14-2023 03:05 AM
‎10-14-2023 03:05 AM
I am experiencing a similar issue, although there are some additional aspects,    Failed to start panReadOrders.service: Unit panReadOrders.service not found. is one of the issues faced, as there is no '/var/www/html/OS/startup/panReadOrdersStarter' I am using Ubuntu 20.04.6, I followed the commands above but get a timed out connection when reinstalling expedition, any ideas ? ... View more

Re: User ID mapping from Exchange logs behind F5 loadbalancer

by in General Topics
‎09-06-2023 08:02 AM
‎09-06-2023 08:02 AM
Oh I see, I had your traffic flow all wrong, yes I would imagine that as the only device to see the x-forwarded-for header is IIS and that is where you are pulling your user-id from that you will need to user the regex to get it from IIS. ... View more

Re: User ID mapping from Exchange logs behind F5 loadbalancer

by in General Topics
‎09-05-2023 02:37 PM
‎09-05-2023 02:37 PM
Hi    Looking at the admin guide, this may be east to do, under device > setup > content-ID there is an option for x-forwarded-for headers, in this there is a drop down for enable for user-id or for security policy and then another option to strip this as the traffic passes, this would be the first place to look I think it is fully covered in the user-id section of the admin guide, this is on version 10.1 and above, you do not mention what version you are on but as user-id is fairly static in the methods to get user-id data in I presume that some older versions also support.   Hope this helps.     ... View more

Re: Export Configuration from Cloud Managed Prisma Access

by in Prisma Access Discussions
‎09-02-2023 12:51 AM
1 Kudo
‎09-02-2023 12:51 AM
1 Kudo
There has been several upgrades to Prisma Cloud since this thread was created, unfortunately we do not use it anymore in our organisation so I am out of the loop with the development of this feature. If you are still struggling I would speak to your SE/RE and see if they can help, at the very least if you are moving from a POC to production they should be able to complete this for you. ... View more

Re: Trial license limitations for palo alto vm

by in VM-Series in the Private Cloud
‎07-10-2023 02:30 AM
‎07-10-2023 02:30 AM
Have they give any indication of what the issue may be? I guess it makes sense that a trial license would allow full functionality or you wouldn't come away with the best impression of the product. ... View more

Re: Trial license limitations for palo alto vm

by in VM-Series in the Private Cloud
‎07-07-2023 04:39 AM
‎07-07-2023 04:39 AM
Ah, My mistake, I was assuming that the trials worked on the same basis as the eval licenses. ... View more

Re: Default password not working admin / admin

by in VM-Series in the Private Cloud
‎07-07-2023 03:54 AM
1 Kudo
‎07-07-2023 03:54 AM
1 Kudo
That can sometimes happen if there is a resource issue when building, the image (if I remember rightly) configures 5.5Gb mem as default, when the firewall really needs 6Gb they start to behave then! ... View more

Re: Trial license limitations for palo alto vm

by in VM-Series in the Private Cloud
‎07-07-2023 03:50 AM
‎07-07-2023 03:50 AM
Hi    As far as I am aware there should be no limitation to a trial license, as should the monitor tab to be honest. ... View more

PAN-OS 11.0.1 Review Polices Link

by in Next-Generation Firewall Discussions
‎05-26-2023 02:23 AM
‎05-26-2023 02:23 AM
Hi All   We are running pan-os 11 as a POC and have noticed that the "Review Policies" Link in applications and threats section does not appear to work, the review apps does and all new apps are correctly displayed but the Review Policies link from here also does not work. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎05-14-2024 06:43 AM
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks