This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
About MikeSangray2019
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Announcements
We are conducting regularly scheduled maintenance over the weekend, which could cause some downtime on LIVEcommunity. We apologize for any inconvenience.
- LIVEcommunity
- About MikeSangray2019
06-07-2022
44Posts
0Likes
0Solutions
Jun 07, 2022Last Visited
User
Activity
User
Profile
Latest posts by MikeSangray2019
| Subject | Views | Posted |
|---|---|---|
| 828 | 08-11-2021 11:17 AM | |
| 577 | 07-12-2021 02:51 PM | |
| 627 | 07-12-2021 11:55 AM | |
| 1036 | 04-20-2021 07:37 AM | |
| 1122 | 04-15-2021 08:02 AM |
User Badges
Community Statistics
| Member Since | 10-17-2019 12:50 PM |
| Date Last Visited | 06-07-2022 03:34 PM |
| Posts | 44 |
08-11-2021
11:17 AM
When I configure the mgmt interface on its own network and I use the PA for routing, do I need to setup a static route to access the HTTP interface from a different network? Or d oes a service route take care of this automatically? I have an HA active/standby pair, do service routes need to be configured on each device?
... View more
07-12-2021
11:55 AM
I'm working on isolating the management interface onto its own network. The firewall will be the router for this traffic and the network switch it connects to will be L2 only. If my management IP is 10.10.20.10/24 and the gateway is 10.10.20.1 where do I configure the gateway address 10.10.20.1 on the firewall? Is this created as part of the management interface routing table automatically? Or do I need to create it somewhere else?
... View more
04-20-2021
07:37 AM
It looks like it's more than just an iPad. It's both iOS and Android devices. They are triggering the host sweep alert when communicating with Internet addresses which appear legitimate, so this is either OS or app traffic. I do know that if it's not successful (blocked by the firewall) the device may not function correctly as it can't confirm an Internet connection.
... View more
04-15-2021
08:02 AM
We have an iPad that is triggering our scan block policy as a host sweep. The iPad is attempting to connect to one external (Internet) IP over port 443. It's happened for the past few days to a different external IP each time. Threat vault info. Name: SCAN: Host Sweep Unique Threat ID: 8002 Has anyone else seen this behavior? What are the thresholds for this threat?
... View more
02-04-2021
11:40 AM
That's not working. As I noted in my update I have tried setting a custom log. Doing this changes the way the logs are parsed either with pan:config or pan:log. " When I set a custom log format and test changing an object name on the firewall, the logs are parsed as pan:log (not pan:config) and I can see the change detail in the raw event message, but now I've lost the other fields since it was parsed as pan:log." Does anyone have this working? I want to believe this is just something with my config that I can fix, but I haven't seen many posts that this works for others.
... View more
02-02-2021
09:29 AM
Closer, but still seeing an issue. Firewall config events are being parsed as pan:config, but without before and after change details. Other details are included, but before and after change details are both 0. When I set a custom log format and test changing an object name on the firewall, the logs are parsed as pan:log (not pan:config) and I can see the change detail in the raw event message, but now I've lost the other fields since it was parsed as pan:log.
... View more
01-15-2021
11:47 AM
Same issue on a pair of 3320s. Rebooted the passive firewall, but no change, still red.
... View more
12-21-2020
07:01 AM
So Option 2 sending to both Splunk and Panorama is feasible and not a strain on the firewalls? If so, then this is the option I'm leaning toward since it would help provide another layer of redundancy for log shipping.
... View more
12-17-2020
01:05 PM
I am standing up Panorama and not sure where to send logs. I currently have my firewalls sending logs to Splunk via a syslog server, and I want to keep getting logs into Splunk. Is there a best practice or recommended config? Option 1. Send firewall logs to Panorama and then from Panorama to Splunk Option 2. Configure firewalls to send to both Panorama and Splunk Option 3. something else?
... View more
12-10-2020
09:46 AM
I understand the path, my question is about HA. Can I upgrade one of the firewalls all the way to 9.1 and then upgrade the second firewall to 9.1 or do I have to do one to 9.0, then the second to 9.0, and then upgrade to 9.1 on the first and then 9.1 on the second.
... View more
12-10-2020
07:44 AM
I have an HA pair of firewalls on 8.1. Do I need to upgrade both to 9.0 and then 9.1 or can I upgrade one all the way to 9.1 and then the second from 8.1. to 9.1?
... View more
10-27-2020
02:37 PM
I never found a solution, agent downloads are still slow.
... View more
09-17-2020
02:24 PM
The GUI was a limiting factor in this scenario, but thanks for the information. We're after an automated solution, so maybe Panorama or API.
... View more
09-15-2020
01:59 PM
Do you know if the output of 'show config running' in an xml file can be used to restore the config?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-07-2022
03:34 PM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks