This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About nfsfantasy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About nfsfantasy
11-16-2021
6Posts
1Like
0Solutions
Nov 16, 2021Last Visited
User
Activity
User
Profile
Latest posts by nfsfantasy
| Subject | Views | Posted |
|---|---|---|
| 1789 | 11-01-2021 10:42 PM | |
| 1894 | 10-28-2021 05:32 AM | |
| 1921 | 10-28-2021 04:41 AM | |
| 15836 | 07-21-2021 09:44 PM | |
| 1953 | 07-21-2021 01:36 AM | |
| 1806 | 01-20-2021 12:55 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 01-20-2021 12:55 AM |
User Badges
Community Statistics
| Member Since | 01-17-2021 09:44 PM |
| Date Last Visited | 11-16-2021 08:55 AM |
| Posts | 6 |
| Total Likes Received | 1 |
11-01-2021
10:42 PM
Hi Astardzhiev thank you for explain I will try to decrypt all the request from unknow
... View more
10-28-2021
05:32 AM
This chrome reirect only http like type 1.1.1.1 it can redirect to portal but we use https://facebook It not redirect
... View more
10-28-2021
04:41 AM
Hi all I use captive portal on palo alto just zone Lan to internet and found issued about chrome My client have window 7,8 and palo version 8.1 Test on firefox need open firefox and click to option for login to internet But on chorme not option for click and we try to access website https but it can not redirect to webportal to login Anyone have issued abd idea I did install cert from palo on client trustroot cert
... View more
- Tags:
- captive
07-21-2021
09:44 PM
Hi If we use this command " HOW TO FIX WEAK CIPHERS AND KEYS ON THE MANAGEMENT INTERFACE " > configure # delete deviceconfig system ssh # set deviceconfig system ssh ciphers mgmt aes256-ctr # set deviceconfig system ssh ciphers mgmt aes256-gcm # set deviceconfig system ssh default-hostkey mgmt key-type ECDSA 256 # set deviceconfig system ssh regenerate-hostkeys mgmt key-type ECDSA key-length 256 # set deviceconfig system ssh session-rekey mgmt interval 3600 # set deviceconfig system ssh mac mgmt hmac-sha2-256 # set deviceconfig system ssh mac mgmt hmac-sha2-512 # commit # exit > set ssh service-restart mgmt > configure # delete deviceconfig system ssh kex mgmt # set deviceconfig system ssh kex mgmt ecdh-sha2-nistp521 # commit # exit > set ssh service-restart mgmt afterthat i still ssh to Palo alto right, I don't know if i will configuration this after that i can ssh. thank you
... View more
07-21-2021
01:36 AM
Hi All
I found message from scan secutity on Palo alto 850 "Insecure Transport: Weak SSL Cipher ( 11285 )"
I did configuration command like in document. but the message it still show after scan again.
anyone have idea
for SSL/TLS to disable weak Algorithm-
set shared ssl-tls-service-profile web-gui protocol-settings auth-algo-sha1 no set shared ssl-tls-service-profile web-gui protocol-settings enc-algo-3des no set shared ssl-tls-service-profile web-gui protocol-settings enc-algo-rc4 no set shared ssl-tls-service-profile web-gui protocol-settings keyxchg-algo-rsa no
I am reading on document it reccomend to do this anyone can reccomend command
thank you
Disable support for weak ciphers on the server. Weak ciphers are generally defined as: · Any cipher with key length less than 128 bits · Export-class cipher suites · NULL ciphers · Ciphers that support unauthenticated modes · Ciphers assessed at security strengths below 112 bits · All RC4 ciphers · All CBC mode ciphers due to POODLE, Zombie POODLE, GOLDENDOODLE, 0-Length OpenSSL, and Sleeping POODLE vulnerabilities · All 64-bit block ciphers · All ciphers using MD5 and SHA1 for cryptographic hash functions The following ciphers supported by the server are weak and should be disabled: · TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) · TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) · TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) · TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) · TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) · TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) · TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
... View more
01-20-2021
12:55 AM
1 Kudo
Dear All I have Palo alto FW use function VPN .So my customer would like to do policy for VPN like User A VPN to Palo Fw just access to zone internal User B VPN to Palo FW can access to zone DMZ only User C VPN to Palo FW can access to All zone this time the all VPN User can access to all zone in FW . my customer need to change it thank you
... View more
- Tags:
- globalprotect
- vpn
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
11-16-2021
08:55 AM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks