This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About N2Z2
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About N2Z2
05-31-2023
21Posts
3Likes
2Solutions
May 31, 2023Last Visited
User
Activity
User
Profile
Latest posts by N2Z2
| Subject | Views | Posted |
|---|---|---|
| 841 | 11-11-2022 12:58 AM | |
| 901 | 11-10-2022 08:10 AM | |
| 1039 | 06-14-2022 09:29 AM | |
| 1365 | 06-14-2022 07:29 AM | |
| 964 | 06-07-2022 06:05 AM | |
| 1033 | 06-06-2022 07:36 AM | |
| 3284 | 06-06-2022 02:07 AM | |
| 3160 | 05-31-2022 12:39 AM | |
| 884 | 05-20-2022 06:01 AM | |
| 968 | 05-19-2022 01:41 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 2 Likes | 01-12-2022 07:01 AM | |
| 1 Like | 04-22-2022 07:24 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 1 Like | |||
| 3 Likes | |||
| 2 Likes |
User Badges
Community Statistics
| Member Since | 01-11-2022 03:51 AM |
| Date Last Visited | 05-31-2023 04:23 AM |
| Posts | 21 |
| Total Likes Received | 3 |
11-10-2022
08:10 AM
Hi all,
is it possible to use a broker vm just for network mapper without using it as a real broker vm?
I don't need to modify my Cortex installation way of working, I just want to scan my network for missing cortex installation.
Thanks
... View more
06-14-2022
07:29 AM
Hi, Min 1.0, max version "Max" The configuration is the same as in your screenshot
... View more
06-07-2022
06:05 AM
Hi, without entering into details, unfortunately that's not a method I can use. Thanks
... View more
06-06-2022
07:36 AM
Hi all, I need to automate the export to csv for a specific query for traffic log, for example (zone.src eq myzone) and (time_generated in last-calendar-day) and I must have the same fields extracted from the gui, without limit to the rows retrieved. I've tried to: - export the command from cli to csv -> nothing useful - create a custom report -> field are not the same, limit of 10k rows - python script -> how can I pass the query to the instance of Firewall object with fw.op(...) ? I can use a curl script, and it's working, but I hope for a more "elegant" solution Any hint? Thanks
... View more
06-06-2022
02:07 AM
It looks like that a workaround has been published or am I wrong? PAN-194395 The firewall drops all decrypted outbound (SSL Forward Proxy) HTTP/2 traffic after you upgrade to PAN-OS 9.1.14. Dropping this traffic prevents users from loading HTTP/2 web pages and accessing websites that use HTTP/2. Workaround : On the SSL Forward Proxy tab in the Decryption profile attached to the Decryption Policy rule that controls the HTTP/2 traffic, select Strip ALPN . When you Strip ALPN , the firewall negotiates HTTP/1.1 instead of HTTP/2. It seems working in my environment.
... View more
05-31-2022
12:39 AM
Hi, could you confirm that the problem is present in both RSA and ECDSA algorithm? There's a know issue (PAN-83215) for ECDSA but I got the error with RSA. Thanks
... View more
05-20-2022
06:01 AM
That's a statement of fact, I was asking if someone has encountered the same problem and has some hint. I can't justify 6k/year for 2 linux and 1 mobile user, that's why I don't have a GP license. For now, I've reduced the attack surface with a new policy in gateway that doesn't limit the region just for these 3 users.
... View more
05-19-2022
01:41 AM
Hi all, I'm trying to connect to vpn using vpnc. Everything works fine, but if I restrict the region in the gateway, vpnc does not connect because it is shown as "Client region: (null)" Any experience on this? Thanks
... View more
- Tags:
- vpns
05-05-2022
08:54 AM
Hi all, could you confirm that pan does not support dh group 24 in phase 2? I've a peer that (just a test, is an android device with native ikev2 psk vpn configured) asks for that group and I got this error DH group id 24 != 20, responding with INVALID_KE_PAYLOAD Thanks
... View more
04-29-2022
01:07 AM
Hi, yes, it could be a solution. Thanks for the hint
... View more
04-28-2022
01:47 AM
Hi, I've an AD domain connected for user-id agent, but in the example in the first post, the user "unknown" connects his MacBook to the network and he doesn't do login to AD domain (for example, it could do web-browsing with an ip based policy and a static dhcp lease for his mac address, I can't see the user but I'm 100% sure that the ip is his ip address, without considering mac spoofing). The perfect solution will be "connect your MacBook to another vlan to get the address from another subnet" and usually this is the way, but there are a couple of case in which I cannot do that. Maybe I could put a logoff script via gpo (yet another not elegant solution, as you said) that could use an API to invalidate the mapping? Maybe something like curl -F key=<mykey> --form file=@<myfile> "https://myfirewallip/api/?type=user-id using this as <myfile> <uid-message> <payload> <logout> <entry user="domain\user1" ip="<local_ip_go_from_script>"> </logout> </payload> <type>update</type> <version>1.0</version> </uid-message> Thanks again N.
... View more
04-27-2022
08:24 AM
Hi all, let's suppose these conditions: - interface with dhcp enabled, 24 hours lease timeout, ip range (for example) 192.168.3.0/24 - user-id agent enabled with 45 minutes timeout - virtual machine environment with non persistent vm, so when a machine is powered off it will be destroyed and recreated with a new mac address - a machine cannot do web-browsing without user-id An example: 26/04/2022 11:03:49 -> machine MACHINE1 got ip from dhcp, 192.168.3.1 27/04/2022 11:00:00 -> user USER1 log into MACHINE1, so a user-id mapping will be created between 192.168.3.1 and USER1 27/04/2022 11:02:00 -> user USER1 log off from MACHINE1 27/04/2022 11:02:30 -> machine MACHINE1 will be recreated with a new mac address and got 192.68.3.100 from dhcp 27/04/2022 11:03:00 -> machine MACHINE1 release dhcp address got 24 hours ago 27/04/2022 11:20:00 -> a user with a pc connect his machine to the network and he got 192.168.3.1 Between 11:20:00 and 11:45:00 the user "unknown" with his pc can do web-browsing with ip 192.168.3.1 because he's recognized as USER1 27/04/2022 11:45:00 -> the user-id mapping between USER1 and 192.168.3.1 will be deleted, the "unknown" user can't web-browsing anymore This could cause - unknown user do web-browsing without having rights - unknown user could visit sites as USER1, so the logs are not consistent - unknown user can have access to other network segment due to the fact that he is presenting as USER1 - and so on.. Any hint on this, other that reducing dhcp timeout that could mitigate a bit the problem, but it doesn't resolve it? Obviously the ideal could be that the dhcp does not assign an ip if there is already a user-id agent associated to the same ip with a different mac address, but I think I'm asking too much.. Thanks
... View more
04-22-2022
07:24 AM
1 Kudo
There was a session that needs to be cleared before retrying, now it's working. Thanks N.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-31-2023
04:23 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks