This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Dereje
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Dereje
01-27-2023
5Posts
0Likes
0Solutions
Jan 27, 2023Last Visited
User
Activity
User
Profile
Latest posts by Dereje
| Subject | Views | Posted |
|---|---|---|
| 126 | 01-27-2023 01:24 PM | |
| 274 | 01-24-2023 07:19 AM | |
| 583 | 10-19-2021 06:46 PM | |
| 2413 | 09-16-2021 06:04 PM | |
| 1280 | 05-31-2021 02:13 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 3 Likes |
User Badges
Community Statistics
| Member Since | 03-26-2015 06:32 AM |
| Date Last Visited | 01-27-2023 05:01 PM |
| Posts | 5 |
01-27-2023
01:24 PM
Thank you for the response and the shared idea. We have the same idea of cloning the rule and modifying it for only v6 rule, but having thousands of rules, cloning that many rules is a daunting task unless we come up with some form of automation.
... View more
01-24-2023
07:19 AM
We are trying to implement IPv6 in our network, and as part of this deployment all our network resources should run on dual-stack (IPv4 & IPv6). Address objects Types in our firewall policy rules have been written based on IP (IP Netmask and IP Range), not with FQDN.
(Option 1) To make the same firewall policy rule be used (for Ipv4 and IPv6 targets), we need to convert each address objects into FQDN or (Option 2) we have to create a duplicate firewall policy rule with IPv6 targets or add the corresponding IPv6 address object to each firewall rules). What do you think which option we need to go with?
Thank you
... View more
10-19-2021
06:46 PM
Does this issue got fixed, I am having similar problem not be able to see the source user/group list in the GlobalProtect Agent configuration? Thank you
... View more
09-16-2021
06:04 PM
As part of migrating from AnyConnect VPN to Global Protect remote access VPN: - Use Case: We are using Azure AD for authentication and the GlobalProtect authentication profile is configured to use Azure AD for SSO authentication; We want remote users to use GlobalProtect remote access VPN to access enterprise data center resources; A GlobalProtect Portal and GlobalProtect Gateway is configured on a pair of PA5260 firewalls in HA; Each Active Directory user group has its own VPN profile, where each VPN profile has its own assigned IP pool; When members of the group connect to the VPN, they should be getting IP addresses only from the ranges assigned to the pool; We have users that are a member of multiple Active Directory groups (which means a user can be a member of multiple VPN profiles); When a user connects to different VPN profile, the user should get IP address from the designated pool; We want to accomplish: The firewall rules on the data center firewalls are set up to permit or deny users based on the IP pool assigned to the VPN profiles (basically based on the group in Active Directory). In the GlobalProtect configuration, how do we make users choose which VPN profile/Group to associate while they are establishing VPN connection? I might not explaining the problem very well here, but please let me know if you have any question. Thank you
... View more
- Tags:
- globalprotect
- vpns
05-31-2021
02:13 AM
Have you checked out this form Lmori, in https://live.paloaltonetworks.com/t5/minemeld-discussions/miner-to-collect-aws-ip/td-p/75925
Yes, add use the following format for the URL feed:
https://<minemeld>/feeds/<aws feed>?tr=1
See here for additional details:
https://live.paloaltonetworks.com/t5/MineMeld-Articles/Parameters-for-the-output-feeds/ta-p/146170
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks