This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About LCMember4427
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About LCMember4427
05-15-2022
60Posts
5Likes
0Solutions
May 15, 2022Last Visited
User
Activity
User
Profile
Latest posts by LCMember4427
| Subject | Views | Posted |
|---|---|---|
| 975 | 05-15-2022 12:27 AM | |
| 1013 | 05-14-2022 02:01 PM | |
| 1518 | 01-03-2022 04:35 AM | |
| 1384 | 01-03-2022 04:11 AM | |
| 2621 | 07-28-2021 07:19 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 01-03-2022 04:35 AM | |
| 1 Like | 01-03-2022 04:11 AM | |
| 1 Like | 04-30-2019 09:00 AM | |
| 1 Like | 06-19-2018 01:08 PM | |
| 1 Like | 04-09-2013 12:24 AM |
User Badges
Community Statistics
| Member Since | 02-08-2013 01:28 AM |
| Date Last Visited | 05-15-2022 04:04 AM |
| Posts | 60 |
| Total Likes Received | 5 |
05-15-2022
12:27 AM
I ask because the former time we needed to migrate the same VM-100 from a really old host I had requested our Palo support provider for help since we couldn't accept more than some minutes of downtime. They disabled our current license in the PAN portal as per the book before closing down the 'old' VM-100. However when starting the cloned copy on the new host it refused to access the internet without a license because 'the allowed number of security zones was exceeded'. And with no internet access they had no access to our license portal where our current license was waiting to be activated. As we have 10+ security zones in our config, the 'normal' way of painless migration was not possible. After having struggled for hours the support team finally wiped out our config and started from scratch with two zones and from that imported our 10+ zones setup... But we were offline for 4 hours before they got everything up and running again.... I understand PAN's concern about not letting users run their products without a license but I think that only disabling the LOCAL zones while leaving the untrust/internet zone enabled would have provided sufficient protection against 'fraud'. In that case we will always have an open path to the portal so any valid license could be (re)assigned in the PAN license portal to ensure painless migration or hardware upgrades... In any case it's in my opinion a really bad idea to deny access to the portal you badly need in order to activate your own licenses....
... View more
05-14-2022
02:01 PM
Hi, We have a VM-100 running under VMWare vSphere 7 on a brand new Dell R640 host. However its datastore (with its VM files and folders) are located in a iSCSI SAN where the controller is starting to get flakey. Hence I would like to either clone OR migrate its datastore folder to the R640's internal datastore so I can remedy the SAN controller problem. My question is: If I switch off the VM-100, can I clone its datastore folder to the R640 internal's drive and restart it from the cloned folder copy without risking that the VM-100 license gets invalidated? If yes, what is an absolutely bulletproof procedure to move a VM-100's datastore folder? I only have a very small timeframe to do this in, so I just need to be sure to get it up and running again safely with no hassles.... Thanks for comments Tor
... View more
01-03-2022
04:35 AM
1 Kudo
Hi, This is a boarding school situation. By mutual agreement we close internet access to the dorms from midnight to 6AM. Several years ago we tried to control the DormsNetZone rules by a schedule. However as this didn't kill the active sessions it was of little use for us. Now we interrupt the AC power to the DormsNet distribution switch to achieve a complete closedown of this network zone. However it would be far more elegant and not so brutal to control this with our VM-100 features. I can set a schedule from midnight to 6AM on the rules and do a "clear session all filter from DormsNetZone" from CLI but the latter must be done manually as I'm aware of no cron features in the CLI... I assume that it would be no use to create a scheduled DENY ALL rule from DormsNetZone to UnTrust during the nights either.... Any suggestion on how to automatically 'disable an interface' in PanOS governed by a schedule is highly appreciated 🙂
... View more
01-03-2022
04:11 AM
1 Kudo
Hi, Recently we upgraded our VM-100 fw from v9 to v10 and apart from the yellow login wallpaper there was not much visual changes after the transition. Everything is running as smoothly as before, except an issue with SNMP traffic statistics. We extract interface traffic statistics from our VM-100 via SNMP to a Cacti OVA appliance so we easily can monitor throughput graphs from every interface in the FW. After the upgrade these graphs were populated as before EXCEPT for the WAN/Untrust interface. It reports only 100-400 kbits/s instead of 300-400 MBits/s as it did before. We have not changed anyhting neither in Cacti nor the VM-100 interface settings. And all the other VM-100 (non-WAN) interfaces are displaying traffic in MBits/sec as expected. I have checked the upgrade issues but not found anything which can cause different SNMP statistics reporting from the WAN interface compared to the other interfaces. Anyone here who have an idea why we are experiencing this order of magnitude change in the WAN interface's SNMP statistics after upgrading to v10? Is it somehow only reporting some special traffic and not the interface's global throughput? Thanks for any help and comment!
... View more
- Tags:
- snmp
07-28-2021
07:19 AM
Thanks a lot 🙂
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-15-2022
04:04 AM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks