This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About ENSANANTES
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About ENSANANTES
09-18-2023
5Posts
1Like
1Solution
Sep 18, 2023Last Visited
User
Activity
User
Profile
Latest posts by ENSANANTES
| Subject | Views | Posted |
|---|---|---|
| 2690 | 05-05-2023 02:13 AM | |
| 5472 | 12-10-2019 01:27 AM | |
| 3115 | 05-22-2019 08:45 AM | |
| 3136 | 03-01-2019 07:54 AM | |
| 3158 | 02-28-2019 07:26 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 05-05-2023 02:13 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 3 Likes | |||
| 1 Like | |||
| 2 Likes |
User Badges
Community Statistics
| Member Since | 02-28-2019 02:34 AM |
| Date Last Visited | 09-18-2023 12:07 PM |
| Posts | 5 |
| Total Likes Received | 1 |
05-05-2023
02:13 AM
1 Kudo
Same issue on PA-850 after upgrade from 9.1.4 >10.2.0>10.2.4 .
Support me ask to roll back and follow the recommended upgrade path
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-upgrade/upgrade-pan-os/upgrade-the-firewall-pan-os/determine-the-upgrade-path
w8&c
edit
File "/usr/local/bin/pan_log_export_scp", line 533, in <module> print(sshconn.insertHostkey(opt.add_host_key)) File "/usr/local/bin/pan_log_export_scp", line 174, in insertHostkey cleanhostkey = filterKeyString(hostkey).strip() + " " AttributeError: 'filter' object has no attribute 'strip'
this error needs root access to be fixed
... View more
12-10-2019
01:27 AM
I know it was an old thread. Sorry for that. I work on PANOS 9.0.5.and I see a lot a this Alert every day . According to CVE-2006-5614, this threat use Windows XP process. However, all my computers are on Windows 10 1909 and no viruses were detected on. Other strange fact is the target. The "threat" don't aim DNS server but the Gateway (here PA850). For you , is this a false positive ? Shall i open a case? Thanks for your help.
... View more
05-22-2019
08:45 AM
La réponse est bete et mechante. Les 2 adresses des Peers doivent appartenir a la meme zone. Nous avons une topologogie particuliere avec plusieurs liens publiques sans trop rentrer dans les détails et nous avons créé des zones personnalisées pour qu'elles soient plus parlantes que du trust/untrust cela a dû ajouté a la confusion , de plus jusque la je travaillais sur checkpoint ou la notion de zone n'existe pas. Toute la conf vpn etait bonne mais les 2 peer n'etaient pas ds la meme zone , une fois cela corriger le tunnel s'est monté
... View more
03-01-2019
07:54 AM
Merci pour cette reponse Nous avons contrôlé les routes , le NAT, les interfaces et les policies. Notre intégrateur a validé notre configuration. Le vpn ne fonctionne qu'en 1 Way. Le site B recoit et repond, mais le site A n'obtient rien en entrée. Le Compteur decap packets/bytes reste a 0. Nous allons escalder la demande au support Palo Alto. merci
... View more
02-28-2019
07:26 AM
Bonjour j'ai monté un tunnel vpn entre un PA-850 et un PA-220. La gateway IKE et le tunnel sont au vert. Je n'obtiens aucuns trafic en reception dans le tunnel sur le site A. Le site B quant a lui recoit mes requetes et y repond, mais comme je n'ai pas de reception je n'obtiens pas la reponse. Du coup je me suis dis il y a une policy qui bloque ou une zone mal défini. J'ai fais le tour et je ne vois pas ou est le blocage. Les 2 Palo sont en version 8.1.5. Infos site A tunnel Tunnel id: 13 type: IPSec gateway id: 4 local ip: XXX.XXX.XXX.XXX peer ip: YYY.YYY.YYY.YYY inner interface: tunnel.4 outer interface: ethernet1/1.4 state: active session: 23233 tunnel mtu: 1424 soft lifetime: 86349 hard lifetime: 86400 lifetime remain: 86399 sec lifesize remain: N/A latest rekey: 1 seconds ago monitor: on monitor status: down monitor dest: 192.168.11.2 monitor interval: 3 seconds monitor threshold: 5 probe losses monitor bitmap: 00000 monitor packets sent: 485 monitor packets recv: 0 monitor packets seen: 0 monitor packets reply:0 en/decap context: 2172 local spi: 81E36347 remote spi: 884AF897 key type: auto key protocol: ESP auth algorithm: SHA256 enc algorithm: AES256 traffic selector: protocol: 0 local ip range: 0.0.0.0 - 255.255.255.255 local port range: 0 - 65535 remote ip range: 0.0.0.0 - 255.255.255.255 remote port range: 0 - 65535 anti replay check: yes copy tos: no authentication errors: 0 decryption errors: 0 inner packet warnings: 0 replay packets: 0 packets received when lifetime expired:0 when lifesize expired:0 sending sequence: 0 receive sequence: 0 encap packets: 809 decap packets: 0 encap bytes: 102808 decap bytes: 0 key acquire requests: 442 owner state: 0 owner cpuid: s1dp0 ownership: 1 ---------------------------------------------------------------------------------------------------------------- Interface: tunnel.4 -------------------------------------------------------------------------------- Logical interface counters read from CPU: -------------------------------------------------------------------------------- bytes received 0 bytes transmitted 2804416 packets received 0 packets transmitted 16238 receive errors 0 packets dropped 0 packets dropped by flow state check 0 forwarding errors 0 no route 0 arp not found 0 neighbor not found 0 neighbor info pending 0 mac not found 0 packets routed to different zone 0 land attacks 0 ping-of-death attacks 0 teardrop attacks 0 ip spoof attacks 0 mac spoof attacks 0 ICMP fragment 0 layer2 encapsulated packets 0 layer2 decapsulated packets 0 tcp cps 0 udp cps 0 sctp cps 0 other cps 0 -------------------------------------------------------------------------------- test routing fib-lookup virtual-router default ip 192.168.11.2 -------------------------------------------------------------------------------- runtime route lookup -------------------------------------------------------------------------------- virtual-router: default destination: 192.168.11.2 result: via 10.1.1.1 interface tunnel.4, source 10.1.1.2, metric 10 ---------------------------------------------------------------- Infos Site B admin@PA220-ENSAN> test routing fib-lookup virtual-router default ip 10.100.100.101 -------------------------------------------------------------------------------- runtime route lookup -------------------------------------------------------------------------------- virtual-router: default destination: 10.100.100.101 result: via 10.1.1.2 interface tunnel.1, source 10.1.1.1, metric 10 -------------------------------------------------------------------------------- admin@PA220-ENSAN> show vpn flow tunnel-id 1 tunnel Tunnel-IPSEC id: 1 type: IPSec gateway id: 1 local ip: YYY.YYY.YYY.YYY peer ip: XXX.XXX.XXX.XXX inner interface: tunnel.1 outer interface: ethernet1/1 state: active session: 13687 tunnel mtu: 1424 soft lifetime: 5183974 hard lifetime: 5184000 lifetime remain: 5183999 sec lifesize remain: N/A latest rekey: 1 seconds ago monitor: on monitor status: down monitor dest: 10.100.100.101 monitor interval: 3 seconds monitor threshold: 5 probe losses monitor bitmap: 00000 monitor packets sent: 433 monitor packets recv: 0 monitor packets seen: 433 monitor packets reply:0 en/decap context: 1229 local spi: FBFE25E2 remote spi: 9569F5C5 key type: auto key protocol: ESP auth algorithm: SHA256 enc algorithm: AES256 traffic selector: protocol: 0 local ip range: 0.0.0.0 - 255.255.255.255 local port range: 0 - 65535 remote ip range: 0.0.0.0 - 255.255.255.255 remote port range: 0 - 65535 anti replay check: no copy tos: no authentication errors: 0 decryption errors: 0 inner packet warnings: 0 replay packets: 0 packets received when lifetime expired:0 when lifesize expired:0 sending sequence: 0 receive sequence: 0 encap packets: 1474 decap packets: 699 encap bytes: 160736 decap bytes: 84424 key acquire requests: 416 owner state: 0 owner cpuid: s1dp0 ownership: 1 Je vous avoue que je ne sais plus trop ou chercher, alors si vous avez une idée.... merci
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
09-18-2023
12:07 PM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks