About JRussell

My PA 2020 box has been a bit slow of late, and it also has failed on 2 commits so I thought I would drop onto CLI and do a debug software restart management-server as this would usually pick things up when I have had the problem in the past. But when I do this command I get the following Process 'mgmtsrvr' executing RESTART Jul 31 12:06:35 Error: pan_read_full(comm_utils.c:97): srvr: fatal recv error. sock=3 err=Connection reset by peer (131) I wondered if anyone could suggest to me as to why this would be happening and if there is any way to get around it. I did this same command last week and got the same error, but when it let me back into the web interface the commits then started going through ok. And then it is ok for a while. Incidentally, the error I was getting on the commit fails was Management server failed to send phase 1 abort to client logrcvr Management server failed to send phase 1 abort to client sslvpn Management server failed to send phase 1 to client websrvr Management server failed to send phase 1 abort to client websrvr Management server failed to send phase 1 abort to client sslmgr ... View more

Hi there, I have a unique linux firewall box (that connects back to PA via Ipsec tunnels) on one of my sites. It is unique in the fact it requires 5 NIC's for the networks there. It only uses 3 phase 2 Ipsec tunnels which is the same on all my sites, but I have noticed some issues. Namely that some of the time only 2 out of 3 tunnels come up. Sometimes all 3 come up, sometimes only 2. Fortunately the Main LAN always comes up, so users are not affected. Phase 1 tunnel comes up fine every time. So I am trying to build a replacement box to test (as well as a backup in case the live one goes down), but when I boot the box up I get the Phase 1 come up fine. Then the main LAN Ipsec tunnel comes up. But for some reason it takes a very long time for that 2nd one to come up. The original box was built by my predecessor and he left no documentation as to how he built this box. I realize that this isn't necessarily a Palo problem, but it connects back to my PA firewall and all my other boxes of the same build are connecting without issue. Any suggestions would be greatly appreciated. Is there perhaps some way I can monitor the Phase 2 portions of the Ipsec so that I can see what is happening? Apart from the system logs is there anywhere I can look to try help me identify the issue? ... View more

Hi there, Like most people I know, everyone has at least 1 windows xp computer on their network. Due to the nature of our business we have a few (some due to legacy apps). But my question is that, come April and Microsoft's cut off point for support, will having one of these operating sytems behind a Palo Alto firewall that has Anti-virus and threat&app detection be enough? Obviously all the systems are running anti-virus. But if the media is to be believed come April the only way a Windows XP computer will be safe from attack is it if was completely offline. Whereas I like to think, if the firewall is secure enough and the rules are tightly controlled as to what is allowed in and out, it should not be a problem. What are the communities thoughts on this? ... View more

I have a problem that my PA 2020 firewall is not generating any new logs. I was on a remote session with an engineer yesterday for something unrelated and in the course of that call the logs stopped generating. It wasn't until today that I went and checked the logs for a problem I was trying to investigate did I notice the logs stopped generating around 1pm yesterday. Is there a command to turn the logs off/on? All my security rules are still set to log traffic. ... View more