Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About MikeSangray2019
About MikeSangray2019
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
yesterday
20Posts
0Likes
0Solutions
May 29, 2020Last Visited
User
Activity
User
Profile
Latest posts by MikeSangray2019
| Subject | Views | Posted |
|---|---|---|
| 83 | a week ago | |
| 200 | 2 weeks ago | |
| 253 | 04-27-2020 06:56 AM | |
| 341 | 04-24-2020 01:30 PM | |
| 378 | 03-03-2020 09:02 AM |
User Badges
Public Statistics
| Date Registered | 10-17-2019 12:50 PM |
| Date Last Visited | yesterday |
| Total Messages Posted | 20 |
a week ago
It was switch config. Needed to setup a second port channel on the switches so the interfaces that went to firewall 1 were in a port channel and the interfaces that went to firewall 2 were in their own port channel. This post also helped. https://live.paloaltonetworks.com/t5/general-topics/active-pasive-ha-with-lag-to-virtual-chassis-dropped-packets/td-p/27117#
... View more
2 weeks ago
I'm working on an HA project, but can't get the interfaces to negotiate. 2 x PA-3220 v8.1 2 x Dell N4032F switches latest recommended firmware The firewalls are setup for active/passive HA and the switches are configured for MLAG and have a LAG setup to connect to the firewalls. The PA ae interface on the active firewall shows one physical interface as active, but the other is 'not active (negotiation failed)' resulting in an amber link state. I've checked all of the settings on both the PA and switches and it looks like it should be working. System logs show lacp, critical, nego-fail, "LACP interface ethernet1/19 moved out of AE-group ae1. Selection state Unselected(Negotiation failed)'" What logs and settings should I check again? Also wondering if this solution with multiple AE might be an option, but it's an older post so I'm not sure if it still applies. https://live.paloaltonetworks.com/t5/general-topics/active-pasive-ha-with-lag-to-virtual-chassis-dropped-packets/td-p/27117#
... View more
04-27-2020
06:56 AM
Logs are being shipped to Splunk. I'm following the directions to use custom formatting ' Enter the log format above. Click on the field names in the left panel to include them in the log format.' by clicking on the name, then commit, and then no more config logs after that change to use custom log formatting. Return to default and config logs start working again. Just confirmed again. Maybe something for tech support?
... View more
04-24-2020
01:30 PM
I'm trying to get the firewall to send before and after change detail to splunk. I've tried various formats in Custom Log Format, but any changes I make result in no logs being sent to splunk. What is the correct format for Custom Log Format when using syslog and splunk? I'm running PA OS 8.1
... View more
03-03-2020
09:02 AM
Thanks. Maybe a feature request to change behavior to allow for adding fields to default rather than having to recreate and potentially miss some fields.
... View more
03-02-2020
01:05 PM
If I use a custom log format for syslog does the new custom format replace the existing default format? So if I want syslog to send before-change-detail and after-change-detail do I have to add every default field to the new custom format so I get default+custom?
... View more
02-14-2020
11:53 AM
The EDL entries aren't part of the exportable config via the api and if the IP isn't part of an event it won't show in a SIEM. It does look like you can generate a list using the CLI via 'request system external-list show' so that might be an option for a script or a report?
... View more
01-16-2020
09:44 AM
I'm working on this as well. To be clear, this has to be enabled twice in three places. 1) the GUI URL Filtering Profile -> URL Filtering Settings (tab) 2) cli --> > configure # set deviceconfig setting ctd x-forwarded-for yes|no https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIVCA0 3) create a custom URL Category with your sites listed, apply this custom category to a URL Filtering Profile, and apply the filtering profile to the appropriate security policies This is working for me.
... View more
01-10-2020
07:16 AM
I am on a 3220 8.1.10 and agent version 5.0.5. Downloading the agent from the portal is very slow; usually less than 1M. Network, upload speeds, etc. checks out, so it appears to be just downloading the agent. Portal and gateway config is using loopback setup and non-standard ssl port. This can be an issue when we have remote users on poor Internet connections - the agent download doesn't always complete. My connection is 100M and agent download speeds are still <1M.
... View more
01-02-2020
11:51 AM
Thanks. What kind of latency are you seeing?
... View more
01-02-2020
07:42 AM
We are working with a partner who is using Google Cloud VPN and we are seeing latency issues. They will only reference Google documentation and will not set MTU on their end. On our end we are trying to determine the optimal MTU setting, but it's a bit tricky. It also looks like setting MSS is not really an option for us as it's an interface-only option and can't be configured on a tunnel. Has anyone dealt with the other end of an IPSec VPN tunnel being a Google Cloud VPN? Background: we recently migrated from a Sonicwall to a Palo Alto. The Sonicwall performed better and without MTU being configured.
... View more
12-30-2019
09:12 AM
If I download a file does the firewall cache it for a period of time in case anyone else tries to download the same file? So instead of re-downloading the same file from the Internet, the firewall would just serve the cached file for the second download.
... View more
12-30-2019
08:21 AM
I don't know what you mean by " files show under Data logs".
... View more
12-30-2019
07:05 AM
I'm doing some bandwidth testing and need to know if the firewall caches downloaded files and if so where can I find the documentation for this and any settings.
... View more
11-15-2019
01:09 PM
I have a pair of 3220s I'm configuring in HA active/passive. We connected the HSCI ports and got a green light on the ports and showing green/up on the HA dashboard widget. They are direct-connected and configured as Ethernet. Do I need to set an IP address on these for this config or are they good to go?
... View more
11-15-2019
11:36 AM
I did a similar test and got a similar result. AFAIK setting the allow list to 'all' and relying on authentication profiles is the cleanest way to go about provisioning permissions, but if I'm mistaken please let me know.
... View more
11-15-2019
08:25 AM
Thanks. And to clarify if a user isn't defined as an Administrator or as a Captive Portal or GlobalProtect user either explicitly or as a group member, then authentication will fail with something like an "Authentication profile not found for the user" message in the system log? Simply selecting 'all' in the allow list does not grant everyone the ability to login to the firewall, correct?
... View more
11-14-2019
10:30 AM
When configuring an LDAP Authentication Profile what does the 'all' refer to in the allow list?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
yesterday
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
