About JonHill

JonHill · ‎11-30-2020

In recent weeks we've had a problem reported where one minute a site will be accessible for instance Youtube and then it won't be and then it will and it goes on, after looking in the logs when the connection to Youtube fails is when the log show no USER-ID when it works it shows a local USER-ID. We use an AD group for access to general internet and have this configured on the corresponding rule. I've tried troubleshooting looking at various knowledgbase articles but haven't found any reason why sometimes USER-ID's are correct and and sites can be accessed and then othertimes they can't its also not happeing for all sites accessed at the sametime it may not work for Youtube but it will work for Google. Can anyone give me any ideas why this might be happeneing? Thanks Jon

JonHill · ‎02-26-2020

I've followed a number of articles to import our Checkpoint config into Expedition ready to import into our Palos but for whatever reason the Rules won't import, objects and NATs import fine but the rules don't. Our Checkpoint version is 77.30. I've followed https://live.paloaltonetworks.com/t5/Migration-Tool-Articles/Checkpoint-Different-Source-Files-Forma... for the migration tool which I've also tried but that fails to import the rules as well. The Rules are all in the rules.c file. Can anyone suggest where I might be going wrong and how I can successfully import the rules? Any help would be much appreciated. Thanks Jon

JonHill · ‎07-05-2019

I'm very new to PAN firewalls and are still learning as I go along, they've only been in a month or so and the only rule is currently set any any from the trust to untrust zones and vice versa. We've got a couple of issues around some connections that traverse our 5250's (LAN to WAN and vice versa) but from the 5250's perspective its not seeing any traffic in the logs for the addresses in question, no deny drops allows nothing. When we've done a packet capture from the servers on either end of the connection it shows the traffic leaving but its never seen on the 5250's. We've checked the routing and everything else in between but we've found nothing wrong. Zone protection profile has been disabled. Is there anything else that I can check to see if for one reason or another the 5250's are doing something they shouldn't to the traffic? Any help would be much appreciated? Thanks Jon

JonHill · ‎06-03-2019

We deployed our 5520 recently between our LAN and MPLS connections and the reports from Panorama are great but I'd like to be able to create a custom SAAS report with specific source - destination traffic excluded from the report. Is this possible and if so how do I start building the report? Thanks Jon

JonHill · ‎01-15-2019

As you say it was down to the speed at which I re-enabled the interfaces that it had permanently stayed with the peer. Is there anyway of changing these timers and where do I find them? Thanks

JonHill · ‎01-14-2019

We've configured HA Active\Passive on a pair of 5250's running PAN-OS 8.1.5 and it works a treat and pre-emption also works as expected. I've configured Link monitoring so if we get an HA failure if the trusted links fail which works and it fails over to the passive as expected but when the links come back it doesn't fail back again to the active unit. Does Pre-emption work with Link and Path monitoring and if it does how is it configured? Any help would be much appreciated. Thanks Jon

Date Registered	‎10-18-2018 02:34 AM
Date Last Visited	‎12-03-2020 01:09 PM
Total Messages Posted	6

Online Status	Offline
Date Last Visited	‎12-03-2020 01:09 PM

About JonHill

User-ID Help

Checkpoint Rule Import

Connection Issues between servers

Custom Report

Re: HA Link and Path Monitoring

CLI tool to import/export objects and rules using CSV files

Re: Custom Report

Re: HA Link and Path Monitoring

Re: HA Link and Path Monitoring

User-ID Help

Checkpoint Rule Import

Connection Issues between servers

Custom Report

Re: HA Link and Path Monitoring

HA Link and Path Monitoring

Strata

Prisma

Cortex

About JonHill