This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Maxstr
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Maxstr
08-31-2020
82Posts
1Like
0Solutions
Aug 31, 2020Last Visited
User
Activity
User
Profile
Latest posts by Maxstr
| Subject | Views | Posted |
|---|---|---|
| 16153 | 05-05-2020 01:27 PM | |
| 8928 | 01-31-2020 09:47 AM | |
| 19790 | 01-09-2020 08:26 AM | |
| 4285 | 08-23-2019 11:02 AM | |
| 4308 | 08-23-2019 09:16 AM | |
| 4387 | 08-23-2019 07:18 AM | |
| 4217 | 08-08-2019 08:58 AM | |
| 3478 | 06-21-2019 12:47 PM | |
| 3489 | 06-21-2019 12:29 PM | |
| 3508 | 06-21-2019 11:36 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 12-10-2013 01:52 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 2 Likes | |||
| 2 Likes | |||
| 2 Likes | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 07-18-2013 11:48 AM |
| Date Last Visited | 08-31-2020 10:54 AM |
| Posts | 82 |
| Total Likes Received | 1 |
05-05-2020
01:27 PM
I installed the 7.1 agent on Windows 10 1909, but I ran into issues with sysprep so I'm trying to uninstall it. I'm getting the message that it can't be uninstalled unless I disable Anti-Tamper protection. I was able to disable it with cytool protect disable, but I've never run into this message with Traps. Is it normal to need to disable anti-tamper to uninstall Cortex?
... View more
01-09-2020
08:26 AM
A couple days ago, the threatvault added threat id 56505, and since then our threat log is getting spammed with the vulnerability type Non-RFC Compliant DNS Traffic on Port 53/5353 (informational). We use dnscrypt, and every single DNS request is now showing up in the threat log. First of all, is this a false positive? And if so, how do I prevent this from inundating my logs?
... View more
08-23-2019
11:02 AM
@BPry wrote: @Maxstr, This is an extremely good use case of the API. Bonus Points: If you configure a machine so that it can utilize both ISP circuits (through two NICs or VLAN setup) you could actually automate testing the circuits and automatically enable/disable the PBF rule on the firewall once bandwidth is within expected norms. This would take any manual interaction requirements out completely. So I looked over the API documentation, and I do see one for PBF rules. I've never used REST API though, so I guess it's time for a crash course. Any advise on where to start?
... View more
08-23-2019
09:16 AM
@OtakarKlier wrote: However gertting better ISP's might be worth looking into as well. How does the saying go... "A general goes to war with the army he has"
... View more
08-23-2019
07:18 AM
I'd like to create a script or some kind of quick method to disable a PBF rule. We have a dual-ISP setup, and sometimes one ISP will get extremely slow. But it doesn't actually go down, so it doesn't trigger the PBF rule, and we're left with nearly unusable internet. As the only "firewall guy", they basically have to wait on me to disable a PBF rule. Is there a way to script this?
... View more
- Tags:
- pbf
08-08-2019
08:58 AM
We had an outage that took out a switch, and the PA management port is connected to that switch. I was unable to access the UI or CLI, and VPN was unable to authenticate via LDAP. I found the issue was that all the Service Routes were set to default using the MGT port. After looking through the settings, I see that I can assign a Management Profile to multiple interfaces, which would allow me to access the UI/CLI if the management port goes down. But that does not include Service Routes, which can only be assigned to a single interface- either the MGT port, or a another interface. Is it possible to make service routes redundant? Maybe something like a PBF rule for service routes?
... View more
06-21-2019
12:47 PM
Ah I see... I thought since I'm also seeing other decrypt errors that this one was different. I even created another post asking about how to pass traffic that has decrypt errors, rather than denying it
... View more
06-21-2019
12:29 PM
But there is nothing in the policies or URL filter lists that would be blocking this
... View more
06-21-2019
08:04 AM
Is there any way to allow traffic after "decrypt-error"? I get a lot of decrypt-errors showing up in the logs when SSL decryption is enabled. Most of it is from amazonaws.com (even though I excluded it from decryption). I would rather just allow the traffic to pass, but instead it's getting denied by default, and I can't find any way to allow it instead. I'm running 8.1.5
... View more
08-02-2018
10:50 AM
Are there any known issues with Traps and the IBM Trusteer browser plug-in? I have a few users with Trusteer who are experiencing issues when Traps is installed, but nothing shows in the Traps dashboard. Trusteer makes a lot of weird browser changes, and other AV venders have workarounds for it.
... View more
07-04-2018
02:29 PM
It's a technical question for the Palo engineers
... View more
06-26-2018
06:23 PM
On PAN-OS 8.1.2 I'm getting decrypt-errors when decrypting inbound traffic. I ran a test using SSLabs.com, and I found that newer browsers are requesting x25519 and getting a handshake error. It's showing that only secp256r1 are secp384r1 are supported. Does 8.1 support x25519 or plan to support it?
... View more
10-12-2017
07:44 AM
The information I'm trying to see is how often one of my ISP's goes down in a given week/month. I have dual ISP's so I use PBF rules to failover. I currently have a system log setting to email me when a PBF rule is triggered (subtype eq pbf). But I don't see any "system" categories in the scheduled reports. Is there any way to make a report for PBF events? Or is there another way I can get this kind of report? Thanks Edit: I am on release 8.04
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
08-31-2020
10:54 AM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks