This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About SureshBalaji
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About SureshBalaji
05-20-2021
4Posts
0Likes
0Solutions
May 20, 2021Last Visited
User
Activity
User
Profile
Latest posts by SureshBalaji
| Subject | Views | Posted |
|---|---|---|
| 2287 | 04-28-2020 12:32 AM | |
| 1900 | 04-07-2020 03:51 PM | |
| 2607 | 03-11-2020 12:20 PM | |
| 2036 | 03-11-2020 11:50 AM |
User Badges
Community Statistics
| Member Since | 11-11-2018 01:28 AM |
| Date Last Visited | 05-20-2021 09:43 AM |
| Posts | 4 |
04-28-2020
12:32 AM
Hi Team, Currently working on a PA migration 5060 to 5260. I tried to import the config in to the expedition tool, which is exported from PA-5060 appliance. I found the below error on expedition. I also tried to import it after converting to zip file, which also throws an error saying that. "invalid XML Could you please advise or help me convert the config from PA 5060 to PA 5260. Thank you, With Regards, Suresh B
... View more
04-07-2020
03:51 PM
Hi Team, we recently migrated from cisco ASA to Palo Alto 3220, where for one of the policy in cisco ASA has " access-list inside-egress extended permit ip any any", And this access-list is attached to the access-group to the interface "inside". as you can see below. "access-group inside-egress out interface inside" as per my understanding from cisco perspective for this access group the traffic which egresses out of the interface named "inside", should evaluate the against the access-list "inside-egress". The following are the access-list related to inside-egress. access-list inside-egress extended permit icmp host 10.197.37.212 host 10.15.126.119 access-list inside-egress extended permit tcp host 10.16.17.9 host 10.15.4.84 eq 5707 log interval 1 access-list inside-egress extended permit ip any any When it is converted to Palo Alto, for the " access-list inside-egress extended permit ip any any" tool created a policy stating Source zone - any, Source subnet- any to destination-subnet- any, destination-zone - "inside" with allow action. Basically anything from anywhere were allowed to inside zone (which is dangerous wide open policy). How we can rectify this, need your advise, for the access-group with "out" attached to the interface and having "permit ip any any" accesslist.
... View more
03-11-2020
12:20 PM
Hi Team, Is there a we can migrate a PA 5050 multivsys configuration from one appliance and migrate it to two different 3220 appliances. Where Each Vsys from single PA 5050 goes to different 3220 appliance. For instance (Vsys1-PA 5050) should converted to one (PA 3220) and another (Vsys2 -5050) goes to second 3220 appliance.
... View more
03-11-2020
11:50 AM
Hi Team, could you please tell us is there a way to perform migration from Huawei to 5250 Palo Alto. we are aware that the migration tool would not support from Huawei to Palo Alto. Is there any scripting or other automated way available
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-20-2021
09:43 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks