This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About micharr
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About micharr
5Posts
0Likes
0Solutions
Last Visited
User
Activity
User
Profile
Latest posts by micharr
| Subject | Views | Posted |
|---|---|---|
| 41 | 02-16-2023 11:19 AM | |
| 258 | 02-16-2023 11:12 AM | |
| 60 | 01-31-2023 10:56 PM | |
| 255 | 01-31-2023 12:33 PM | |
| 1185 | 04-21-2022 11:14 PM |
User Badges
Community Statistics
| Member Since | 08-03-2021 01:51 PM |
| Date Last Visited | |
| Posts | 5 |
02-16-2023
11:19 AM
If you go to the link I am going to include, I found that PA included a sequence that carves out a fix for the Erlang and rabbitmq services without having to do an entirely new Ubuntu/Expedition install on a new VM. I was able to keep my existing deployment while getting the rabbitmq service to properly point to the new repository which fixed the PanOrders Agent which kept freezing. Hope this works for you.
https://live.paloaltonetworks.com/t5/expedition-articles/how-to-address-cve-2022-37026-vulnerability-in-expedition/ta-p/524133
... View more
02-16-2023
11:12 AM
I am doing a migration from ASA. All seems to be ok in Expedition so far. However the Objects < User ID tab is blank and mentions something about API. There is also a Plugins < User ID section which is also blank.
The ASA config has lots of user id dependencies built into the rules/policies. I have not been able to find any documentation that goes deep enough into the current version of Expedition to be worthwhile and nothing out there that I have found talks about the User ID function within Expedition.
The customer is concerned that the policies aren't migrating over with a 1:1 ruleset using User ID against their Active Directory environment like the rules did on their ASA. In the end we will have over 10k rules so going back into panorama and adding the user id component to every rule is not an option.
We have taken the step of adding all of the AD Groups in the Group Mappings section of the Panorama that are referenced in the ASA config.
Can anyone help provide a "how to" on migrations from ASA to PAN when the ASA rules already have and must keep the User ID variable in them?
... View more
01-31-2023
10:56 PM
Sorry but I simply do not have the time to do this. I am super busy with customers and my existing Expedition VM is working good enough that I cannot risk breaking it.
Also, you did not include a link to where the new script was or where the install instructions were. That would be helpful. I will try and do this when I can but it will be a month or two.
... View more
01-31-2023
12:33 PM
I just wanted to comment for visibility to MNagel's post. Everything on the web indicates that the RabbitMQ repository has changed and apparently there is a whole different way of pointing to it. I have a VERY basic knowledge of Linux so even reading the web search results, the Linux script configuration goes over my head and comfort level.
I know Expedition is best effort from PA, but we really need them to redo the original script or create another one we can run afterwards that would correct the RabbitMQ sequence.
... View more
04-21-2022
11:14 PM
No matter what I do, I keep getting an error that says "unable to resolve host address 'conversionupdates.paloaltonetworks.com'." Right now I am stuck on Ubuntu 16 using Exp 1.1.10 because the only thing I could get to work was the legacy OVA file still linked on the support site.
... View more
Contact Me
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks