Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About Cesar.pevezFajardo
About Cesar.pevezFajardo
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
11-30-2019
6Posts
0Likes
0Solutions
Nov 30, 2019Last Visited
User
Activity
User
Profile
Latest posts by Cesar.pevezFajardo
| Subject | Views | Posted |
|---|---|---|
| 481 | 03-08-2012 03:00 PM | |
| 211 | 03-08-2012 07:57 AM | |
| 800 | 03-07-2012 08:49 AM | |
| 638 | 03-06-2012 06:09 AM | |
| 731 | 03-06-2012 05:28 AM |
User Badges
Public Statistics
| Date Registered | 03-04-2011 08:37 AM |
| Date Last Visited | 11-30-2019 06:23 AM |
| Total Messages Posted | 6 |
03-08-2012
03:00 PM
My problem is the following: I have an old check point rule that has "echo-request" and tcp-2463, that is some port used by an unknown application. I want to configure in PAN the same rule, but to do that without adding anything in the application database, I will need to create two rules, one for TCP-2463 (service) and one for PING (application). I want to have just one rule whare I can put PING and TCP-2463 together. I was thinking to create an application where I will specify the port tcp/2463 in the advanced tab. In my rule I will put this recently created application and ping in the app filed, and use "application-default" in the service field. My question is, if I do that, should I expect to have problems with the traffic, specially the one that uses TCP-2463? I made it work for unix traceroute (udp/33434-33534), but I wonder if any other unknown application will have problems if I try. I have hundreds of rules like this, and I want to economize in rules.
... View more
03-08-2012
07:57 AM
What about communicating two VSYS internally? I have a backend and a frontend firewalls, i'm migrate them to two vsys in the same physical box. The two firewalls are communicating using a private VLAN, but now that they are going to reside in the same box I want to connect the two VSYS internally. I have the two VSYS configured to see each other, I have two external zones, configured on each vsys, I have two vritual routers, one per each vsys. In the virtual routers I have routes that were configured to send traffic between the two devices, now they have as gateway the next virtual router. I wonder if the vsys will be able to pass traffic to each other through the external vsys. Do I need to configure interfaces of some sort? DO I need a third virtual router to move packets between the two VSYS? Is my configuration going to work?
... View more
03-07-2012
08:49 AM
I'm converting a Check Point firewall to PAN. they have multiple rules where ping and other user-defined services are participating. Can I create an app with the port of those services so I can have all in one rule? Do you see any problem wit that?
... View more
03-06-2012
06:09 AM
Thanks Roland The problem I have is that I don't see any reference to the version of SSH in the app description. I will like to know if there is any mechanism to diferentiate v1 from v2, so I can permit only v1.
... View more
03-06-2012
05:28 AM
01-20-2012
07:03 AM
Hi I'm converting a security policy from a Check Point device to a PAN device using the PAN converter. By default the converter sets source and destination zones as "Any". Can I use the rule like that? Is there any problem that such configuration might cause in the future or after replacing the devices? Do I need to specify zones in the rules? Please send me your comments. Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
11-30-2019
06:23 AM
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
