This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

About MMCiobanu

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.

MMCiobanu
‎07-14-2017
since ‎02-03-2014
L3 Networker
User Activity
User Profile
Latest posts by MMCiobanu
View All
My Liked Posts
View All
User Badges
Community Statistics
Member Since ‎02-03-2014 04:54 PM
Date Last Visited ‎07-14-2017 04:49 PM
Posts 61
Total Likes Received 6

Re: User-id-agent Upgrade to 6.0.3

by in General Topics
‎06-16-2014 07:40 AM
‎06-16-2014 07:40 AM
Hello, The intention is to upgrade the user-id agent to 6.0.3, after upgrading the Panorama and firewalls to 6.0.3 (had to go from 6.0.2 to 6.0.3 because of issues encountered in 6.0.2), but later on; Thank you for replying to this. ... View more

Re: User-id-agent Upgrade to 6.0.3

by in General Topics
‎06-13-2014 09:42 AM
‎06-13-2014 09:42 AM
Thank you. ... View more

Re: HTTPS traffic suddenly blocked

by in General Topics
‎06-12-2014 04:21 PM
‎06-12-2014 04:21 PM
Hi, Thank you very much for the answer; in mean while, I got somebody from PaloAlto Networks support team to take a look and he found that we were actually running out of SSL decrypt session buffer. He particularly looked at the Proxy session values, when running this command: debug dataplane pool statistics and at the total number of ssl-decrypt sessions, by running this command: show session all filter ssl-decrypt yes count yes We moved our mailboxes to the cloud, on Office365, and there were about 7000 ssl-decrypt session only related to this traffic alone. we found it using these commands: show session all filter ssl-decrypt yes application ms-exchange count yes show session all filter ssl-decrypt yes application rpc-over-http count yes. We had to exclude all the internal clients going to Office365 servers from being decrypted, by adding a Decrypt rule: This helped us drop down the ssl-decrypt sessions count; however, I am surprised that a 5Gbps capable firewall is not built to handle more than 16,000 concurrent ssl-decrypt session when almost all web traffic is now running over ssl. ... View more

User-id-agent Upgrade to 6.0.3

by in General Topics
‎06-12-2014 02:12 PM
‎06-12-2014 02:12 PM
Hi, We are planing on upgrading from 5.0.8 to 6.0.2, and we are currently user user-id agents on our DCs; do we need to also upgrade the user-id agent to 6.0 or the old one would still work? Thank you ... View more

HTTPS traffic suddenly blocked

by in General Topics
‎06-11-2014 08:39 AM
‎06-11-2014 08:39 AM
Hi, We have had same issue twice in two days, where the firewalls would suddenly block HTTPS traffic; this happened on two platforms, PA-3020 and PA-5020, both running 5.0.8 PAN-OS, and the work around was to create a "Do-not decrypt all" decryption policy at the top, until we could schedule a reboot; the reboot seems to fixed the issue for now in both cases, but we are worried that  this will happen again. Did anybody else experienced this issue or have an idea of what is happening? Thank you ... View more

Re: Monitor subinterfaces and get NetFlow statistics

by in General Topics
‎05-15-2014 06:30 AM
‎05-15-2014 06:30 AM
thank you very much; it looks like there are quite a few advantages to upgrade to 6.0 ... View more

Re: Monitor subinterfaces and get NetFlow statistics

by in General Topics
‎05-14-2014 07:36 PM
‎05-14-2014 07:36 PM
Will version 6 also enable monitoring AGG and subinterfaces? I believe, if the interface is not seen through SNMP from the device, the collector cannot get the Netflow information; not quite sure though. ... View more

Re: Monitor subinterfaces and get NetFlow statistics

by in General Topics
‎05-14-2014 07:32 PM
‎05-14-2014 07:32 PM
It is standard netflow. ... View more

Monitor subinterfaces and get NetFlow statistics

by in General Topics
‎05-14-2014 04:21 PM
‎05-14-2014 04:21 PM
Hi, We have a PA-5020 and configured a few AGG interfaces with subinterface; recently, we installed a SolarWinds NTA to get NetFlow statistics, but I am not able to get anything from this device. I have created a profile and applied to the subinterface through which the Internet traffic goes, but it does not send any information to the NetFlow collector. Also, is there a way we can monitor the AGG and subinterfaces using SNMP? We do manage the device with SNMP through the management interface and I can see the physical interfaces, but not the AGG and subinterfaces. Thank you very much. ... View more

Re: Traffic log showing "attempted" rules

by in General Topics
‎03-21-2014 07:51 AM
‎03-21-2014 07:51 AM
Thank you; Yes, it does make sense; I had an idea that this was happening, now it is confirmed; Thanks again! ... View more

Traffic log showing "attempted" rules

by in General Topics
‎03-19-2014 11:05 AM
‎03-19-2014 11:05 AM
Hi, I have a few security policies (below) and did some testing on them, and found the traffic log displaying some interesting results; I have an idea of why this shows up in the log, but may be somebody more experienced can confirm. I have a rule that allows DNS application, any port: and a rule below that allows any outbound traffic: When looking at the traffic log, it looks like traffic to port 80, 443, for tries the DNS rule and application status is Incomplete, then it closes the session with the second rule, which is the one actually allowing the traffic. If, on the DNS rule I specify both, the application and the port numbers - TCP 53 and UDP 53, traffic to other ports are not showing as attempting this rule anymore and going straight to the second rule. Can somebody explain this behaviour, please? ... View more

Re: Security policy to allow YouTube

by in General Topics
‎03-17-2014 07:34 AM
‎03-17-2014 07:34 AM
This is what the Traffic log shows: \ and this is what the URL filtering log shows: These are the two policies: the first one allowing the applications, including youtube and no URL filtering applied. the second one has a URL filter applied, which blocks streaming. But, the application should be allowed by the first policy and I should be able to access www.youtube.com. Thanks ... View more

Re: Security policy to allow YouTube

by in General Topics
‎03-15-2014 08:15 PM
‎03-15-2014 08:15 PM
The first policy is open: Source=any, destination =any, Application= acebook, linkedin, twitter and youtube and Service= Any, Action allow; The traffic hits the rule, but application is "incomplete" and when looking at URL filtering, it show as blocked by the second rule where streaming-media is blocked; Thank you. ... View more

Security policy to allow YouTube

by in General Topics
‎03-14-2014 05:01 PM
‎03-14-2014 05:01 PM
Hi, I have a security policy that allow 4 application: facebook, linkedin, twitter and youtube. There is no URL filtering applied, and 3 applications work fine, but youtube does not. the traffic bypasses to another policy below that had URL filtering and which blocks streaming. If no URL filtering is applied, should not I be able to go to www.youtube.com when hitting the policy allowing the 4 applications? ... View more

Re: SSL decryption policy for all HTTPS traffic

by in General Topics
‎03-11-2014 10:04 AM
‎03-11-2014 10:04 AM
What I would like is, to be able to NOT DECRYPT any web browsing traffic on port 443. I have looked at creating a Decryption Policy Rule, but I don't have an option to add the application, it is only seem to be based on source and destination, as well as URL category. ... View more
Register or Sign-in
Contact Me
Online Status
Offline
Date Last Visited
‎07-14-2017 04:49 PM
Latest Tags
No tags yet
Likes Given To
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks