This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Doug_Hogue
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Doug_Hogue
05-23-2018
15Posts
1Like
0Solutions
May 23, 2018Last Visited
User
Activity
User
Profile
Latest posts by Doug_Hogue
| Subject | Views | Posted |
|---|---|---|
| 1503 | 05-31-2017 10:45 AM | |
| 1512 | 05-31-2017 09:01 AM | |
| 1130 | 04-07-2017 07:41 AM | |
| 3166 | 02-15-2017 05:53 AM | |
| 2206 | 01-26-2017 07:36 PM | |
| 2131 | 12-31-2016 04:30 PM | |
| 5274 | 10-03-2016 12:25 PM | |
| 5637 | 09-29-2016 05:30 AM | |
| 5786 | 09-21-2016 07:20 AM | |
| 1091 | 09-17-2016 02:59 PM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 02-15-2017 05:53 AM |
User Badges
Community Statistics
| Member Since | 04-22-2015 05:12 AM |
| Date Last Visited | 05-23-2018 10:18 AM |
| Posts | 15 |
| Total Likes Received | 1 |
05-31-2017
10:45 AM
Yes I have already monitored the traffic and that is how I came up with the policy I have. I was looking for the experience of others and if their poloicy was different. Their may be some other restrictions such as url filtering and such going on here that is preventing the traffic through. Thanks for your thoughts.
... View more
05-31-2017
09:01 AM
Anyone create a policy allowing a Sophos AV install and then Updates form a DMZ? I have created such a policy but still seems to be an issue. The security policy has all the source and destination zones and the destination host are any. I am then allowing the following applications (not using ports at all) dns ms-ds-smb msrpc netbios-cc sophos-live-p... sophos-rms sophos-update netbios-ss ssl web-browsing tcp-over-tcp If anyone is doing this please update me on how you are doing this securly. Thanks
... View more
04-07-2017
07:41 AM
Currently we have a rule allowing the APP "ssl" from many different zones to our Chef Deployment Servers. I am trying to determine if there is a specific APPID for Chef but been unable to fine one. Since the server team says both port 80 and 443 are needed I am considering to setup the policy using APPIDs "ssl" and "web-browsing". Looking for ideas on how others are handling this. Thanks
... View more
02-15-2017
05:53 AM
1 Kudo
Currently there is a requirement for all our remote linux servers (Which have static IPs and numbers around 250) to have access to various public YUM servers. The public YUM servers (I am told) cannot be defined statically because they constantly change. Our Corporate Security Policy does not allow web-browsing from servers, such as our remote linux servers. My first thought was to create a Palo Alto Security Policy that only allowed access to the the Internet for the YUM application. However, I noticed in the Palo Alto Application Research Center that the YUM App-ID has an Implict Use Application of web-browsing. The standard ports used are 80 and 21. To me this means, that standard web browsing to a non YUM server is possible using a Security Policy that has the linux servers as the source and the destination being any but APP-ID being YUM. Am I correct? Any ideas how to further tighten this policy down and still allow the needed flexibility to access changing public YUM servers? How do others secure YUM communications? Thanks in advance
... View more
- Tags:
- YUM
01-26-2017
07:36 PM
I have an interesting problem. There is a requirement for moblie devices (Throughout the Us and Canda) to access an SFTP Server from the Internet and upload files to it. No other devices are allowed access, from the Internet, to the SFTP server. The mobile devices will not have stat IPs but dynamic ones. The will of course not be part of our Windos Domain so our Userid Agents will not be able to get the UserId associated with the IP. Since I do not know the IP or UserId of the incoming device I am not sure how to limit, using the Palo Alto, only these devices access to the server. Any ideas or has someone ran across this and already solved it. I know I could put security on the SFTP server and require sign-in but trying to have multilayers of secuirty if possible. Thanks, Doug
... View more
12-31-2016
04:30 PM
I have a need to search my Panorama traffic logs looking for 1000's of source IPs, engress on the outside zone. I would like to write a bash script to actually read through the logs for the IP's. Manually searchinf for this large amount of IPs is not practical. Has any one done this? Any ideas how to start? I can SSH into the Panorama but no idea where the files are or the names. Also suspect I will not be able to run any type of scripting on the Panorama box but will have to exprt the logs files to another box. Any help would be appreicated.
... View more
- Tags:
- script
- traffic log
10-03-2016
12:25 PM
Thanks for the info but I tried auto and that did not work. I have found no solution as of this time. We are running PA in a Layer 2 enviorment and have the old Cisco Router dooing the PPOE connection, as a workaround. PA Support has been little help and at this point I thing we will have to abondon the PPOE and go with some sort of "static" leased connection. Very expensive option in Mexico but seems to be only choice we have, at this point.
... View more
09-29-2016
05:30 AM
All the above was done and still would not connect. The ISP said they do not require an access concentrator. As you can see the packet tracer showed that only a discovery packet was sent but when using either a router or a windows PC the packets sent from those devices are completly different. No there is no mac filtering in place be the ISP.
... View more
09-21-2016
07:20 AM
I am trying to connect a Palto Alto (in Ebano, Mexico) via PPPOE and it will not connect. As described in the PA doucment the interfeace is tyring every 3 seconds but getting the following "'PPPoE session failed to connect for user:u1st on interface:ethernet1/3. Reason: No PPPoE Offer receive" in the system log. A Cisco Router can use the same cable and connection and PPPOE established. You can attach a windows PC using the exact cable and a PPPOE connection is established. I worked with Palo Alto Tech Support for over 8 hours yesterday and we really could find no solution. Packet captures shows the PPPOE going out but nothing coming back. The ISP says since the Cisco and Windows PC can attach successfully using PPPOE that proves no ISP issue. Has anyone run into this issue before and what was done to solve it? I am adding a packet capture from the Palo Alto that cannot connect and a packet capture from a windows PC that works file. Contacted ISP and they said since Cisco/Window machine attached they said not their problem and were no further hep. I got a packet capture of the Windows machine (christian working PPPoE.pcapng) that worked. I also got a packet capture of the Palo Alto (tx (3).pcap). As you can see in the captures the way the Palo and Windows machines are negotiating PPoE are different. How do we configure the Palo to do the same type of PPPOE negotiating. Let me know and Ican email you the captures if you need them. Here is an overview of protocls being used in each case: WORKING WINDOWS LCP PAP IPV IPC LPC IPC Palo Alto PPPOED Thanks in advance, Doug
... View more
09-17-2016
02:59 PM
We have 1 LSVPN Tunnel that is disconnecitng everyday and reconnecting daily at same time. Is there a parameter I can adjust to make the tunnel active 24x7? Thanks
... View more
09-01-2016
06:56 AM
I have all the guides for configuring LSVPN at the gateway, portal and satelite. I have done that and now verifying the LSVPN connection. This is the first LSVPN satelite to try and connect. Is there a good troubleshooting guide with steps for determing why the satelite is not connecting. As all are aware the issue could be either the gateway, portal or satelite configuration or certs. I am looking for documentation or procedures that others are using to troubleshoot why the LSVPN satelites are not establishing the tunnel. Eventually we will have multible tunnels, so a standard troubleshooting procedure would be helpful. Thanks.
... View more
07-22-2016
12:14 PM
The next big project, regarding Palo Alto, is deploying a total of 5 PA-200’s. 4 will be located in 3 different locations in Mexico. 1 Mexican location will have 2 PA-200’s setup in HA mode. The remaining PA-200 will be deployed in Managua, Nicaragua. They all will be configured with Wildfire, Threat Protection, URL Filtering and Global Protect. We of course want to manage these via Panorama. I am reaching out to see if Palo Alto has a Best Practice document available explaining how to configure these boxes using Panorama and then ship to remote locations as close as possible to “plug and play”. I can find nothing that really covers configuring locally to send to remotes locations.
... View more
05-20-2016
09:59 AM
I see examples of using 2 ISPs with one PA. I also see that senario with Global Connect, Lad Balancing and IPSec Tunnels. However, I do not see where it states these types of senario's can be used in a PA-200 HA senario. Can anyone shead some light on using Dual ISP's with HA Palo Alto Firewalls. I know the fail-over is different on the PA-200, for example no session sync. Thanks in Advance.
... View more
02-25-2016
07:48 AM
We currently have Panorama with a total of 2 HA Pairs (PA3050's and PA3020's) deployed. We are planning to use Panorama to upgrade from our current 6.x software to 7.x. Here are some gental questions that perhaps someone who has done this before can answer:
What would be a good estimate for how long the upgrade takes?
Did anyone run into any major issues? If so what?
How stable is the 7.x envirnoment?
Doug Hogue, Sr. Telecommunication/Network Security Analyst UniFirst Corporation dhogue@unifirst.com http://www.unifirst.com
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks