Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- 5G
- IoT Security
- Prisma SD-WAN
Network Security
- Prisma Access
- Prisma Access Insights
- Prisma SaaS
- Prisma Cloud
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- ›
- About olloczky
About olloczky
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
yesterday
8Posts
0Likes
0Solutions
Mar 04, 2021Last Visited
User
Activity
User
Profile
Latest posts by olloczky
| Subject | Views | Posted |
|---|---|---|
| 120 | 3 weeks ago | |
| 169 | 3 weeks ago | |
| 359 | 01-08-2021 01:50 AM | |
| 417 | 01-06-2021 11:06 PM | |
| 492 | 01-06-2021 06:49 AM |
User Badges
Public Statistics
| Date Registered | 01-04-2021 11:11 PM |
| Date Last Visited | yesterday |
| Total Messages Posted | 8 |
3 weeks ago
I also noticed that in the logs it says "application not-applicable". But the log clearly says that it is port 22 which is used... very strange..
... View more
3 weeks ago
Hi All, I have a security rule to allow ip "A" to ssh to ip "B". I can see the traffic actually hitting the fw but it gets dropped with interzone-default. The test policy match also verifies that it matches the traffic. IP "B" is actually the firewall. And IP "B" is nated like this: original packet source IP "C", original packet dest ip "A", translated packet source ip "B". How can this happen? So the traffic hitting the firewall has an explicit allow rule but still missed. IP "A" is on the other end of the IPSec tunnel and when this traffic comes, it successfully creates a child SA. Routing is also set up for IP "A" Chhers, Daniel
... View more
01-08-2021
01:50 AM
Thank you guys. I was able to collect logs on client side but the security rules restrict me to gather them but that is a different topic 🙂 Thank you all for your inputs!
... View more
01-06-2021
11:06 PM
@Brandon_Wertz thanks for that! I've checked those logs as well. Either I'm not smart enough to interpret those logs or those are just really the events which are logged and not the detailed info and error codes. Because the latter is not enough for me now unfortunately. I really appreciate your inputs guys!
... View more
01-06-2021
06:49 AM
Hi @AlexanderAstardzhiev, Thanks for this info! Unfortunately our clients are thin clients with veeeery limited capabilities. This means they cannot create files on the computer, thus cannot save logs. Maybe the first option is feasible, will check that. Besides from client side, is there no way to check similar debug infos on the FW side?
... View more
01-06-2021
04:31 AM
Hi Guys, Some of our users experience disconnects from our GP VPN. When it happens it always impacts a partial set of the clients not everyone. I would like to know a method in which I can determine the reason of the disconnection. In the Monitor-Logs-GlobalProtect tab I can only see the fact if a user is logged-out or logged in and authentication steps. Is there a way to know if somethings happening on the PA side or the users' home ISP is misbehaving? PA version: 9.1.3-h1 GP version: 5.2.4 Cheers, Daniel
... View more
01-06-2021
04:27 AM
Hi Reaper, Thanks for the info. Hopefully we will have a session with the customer on Friday so we can clarify the settings.
... View more
01-05-2021
04:25 AM
Hi All, I'm a medior network engineer who just got into a new position where I deal with PA FWs. I face the following issue now: There is an IPSEC site-to-site VPN between my PA-850 (ver. 9.1.3) and a remote FW (I'm not sure about the remote device type). I see strange behaviours. Yesterday 3 pm the rekey happened. It finished with ikev2-nego-child-succ event and created a Child_SA. But today morning all the keys got renegotiated starting with this event: Ikev2-nego-child-start. Description: IKEv2 child SA negotiation is started as responder, rekey. Initiated SA: *local_ip*[500]-*remote_ip*[500]. After this all the child SAs for the various proxy ids got deleted and then re-installed. Note: I started the story with yesterday's rekey. That was also a chain of events like this, in which the rekey was not yet due. Our workforce is relying on this IPsec tunnel, but that is also strange that on yesterday's failure they all experienced connectivity issues while on today's one they did not. Please let me know if you have any ideas, or question. Cheers, Daniel
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
yesterday
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
