Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- 5G
- IoT Security
- Prisma SD-WAN
Network Security
- Prisma Access
- Prisma Access Insights
- Prisma SaaS
- Prisma Cloud
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- ›
- About JoeAndreini
About JoeAndreini
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
06-24-2020
82Posts
22Likes
9Solutions
Jun 24, 2020Last Visited
User
Activity
User
Profile
Latest posts by JoeAndreini
| Subject | Views | Posted |
|---|---|---|
| 1479 | 10-17-2018 08:43 AM | |
| 1554 | 10-05-2018 05:22 AM | |
| 1107 | 10-03-2018 06:53 AM | |
| 1678 | 08-31-2018 04:11 AM | |
| 775 | 08-29-2018 08:17 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 10-03-2018 06:53 AM | |
| 1 | 05-10-2018 04:32 AM | |
| 1 | 08-28-2018 11:35 AM | |
| 1 | 08-22-2018 07:59 AM | |
| 1 | 08-02-2018 04:44 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 2 | |||
| 1 | |||
| 1 | |||
| 1 | |||
| 1 |
User Badges
Public Statistics
| Date Registered | 02-13-2018 08:21 AM |
| Date Last Visited | 06-24-2020 01:11 PM |
| Total Messages Posted | 82 |
| Total Likes Received | 22 |
07-19-2018
04:25 AM
1 Kudo
Is the EDL external to your network? If so, is there a security policy (and likely a nat policy) allowing the management interface of the firewall to access it? AFAIK, TLS 1.1 and 1.2 are supported
... View more
07-19-2018
04:22 AM
There may be a better solution that I do not know of, just offering something I thought was better than pinging the host or searching the logs
... View more
07-18-2018
05:48 AM
1 Kudo
What if you inspect the routing table? It may take some tweaking to the GP configuration, but you should be able to have it install a route to the network or server that you can look for in the routing table.
... View more
07-13-2018
09:12 AM
You could segregate traffic within the same subnet using L2 or vwire interfaces and inspect the traffic using intra-zone rules.
... View more
07-13-2018
07:37 AM
Would it be possible to identify the recipient domain in a custom app by matching smtp-req-argument? Then simply report on that application
... View more
07-11-2018
09:47 AM
One of my customers is running 7.1.10 and is having similar problems with teh monitor tab in panorama - TAC says it is due to a memory issue that exists in 7.1.10 and recommends upgrading. I wonder if your issue is related as well...
... View more
06-27-2018
09:29 AM
Keep in mind, the firewall does not monitor every group in the domain, only those it is configured to.
... View more
06-27-2018
05:16 AM
Are you positive there is a nat rule for this outbound traffic? Scurity policy to allow it? Do you see this traffic in the logs?
... View more
06-21-2018
07:48 AM
1 Kudo
To add to BPry's recommendation, if you know the servers that will see traffoc (You probably do) you can implement rules for them that allow any application and let it run 30-60 days. You can then use the migration tool to assign app-ids from he logs (I do not have the instructions handy, but they should be out there) - I've done this a number of times with great sucess Alternately, I've used Splunk to map the most common applications and endpoints from the logs, to begin building specific rules from that
... View more
06-20-2018
04:11 AM
What version of Panorama? How long has panorama been up? I experienced a similar issue in 7.1.10 and was told that it was probably related to a bug. Restarting panorama fixes it for a few months at a time at my location.
... View more
06-15-2018
07:14 AM
1 Kudo
I encountered this previously due to a change in default BFD behavior between 7.1 and 8.0 - check your BFD settings on the VR and your global settings - we had hard coded the global setting on one firewall to match the default, and left the other "default" so it's setting changed when it was upgraded - this caused the OSPF adjacency to go down every time the BFD timer expired.
... View more
06-14-2018
04:12 AM
1 Kudo
I will add one more: If the untrust interface is configured for DHCP, is it actually obtaining an IP address?
... View more
06-14-2018
04:08 AM
1 Kudo
Purely anecdotal, but I have hot-swapped drives on M-100's dozens of times and never had a problem.
... View more
06-13-2018
04:08 AM
I know little about bitbucket, but your question is interesting enough to take a shot... Is the repository publicly accessible? https://confluence.atlassian.com/bitbucketserver/allowing-public-access-to-code-776639799.html Is there anything in the audit logs? https://confluence.atlassian.com/bitbucketserver/audit-logging-in-bitbucket-server-776640417.html https://confluence.atlassian.com/bitbucketserverkb/how-to-read-the-bitbucket-server-log-formats-779171668.html My shot-in-the-dark guess is that the Palo is getting a 401 unauthorized and does not know how to continue.
... View more
06-12-2018
07:30 AM
1 Kudo
You do not mention it specifically in your question, but take note - only one side of an IPSEC tunnel can be dynamic.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-24-2020
01:11 PM
|
Latest Tags
No tags yet
Latest Blogs
Copyright 2007 - 2021 - Palo Alto Networks
