This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Verac22
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Verac22
05-11-2023
9Posts
1Like
2Solutions
May 11, 2023Last Visited
User
Activity
User
Profile
Latest posts by Verac22
| Subject | Views | Posted |
|---|---|---|
| 270 | 05-11-2023 06:16 AM | |
| 524 | 03-09-2023 01:50 PM | |
| 569 | 03-09-2023 05:16 AM | |
| 464 | 03-09-2023 04:52 AM | |
| 561 | 02-28-2023 05:04 AM |
User Badges
Community Statistics
| Member Since | 02-23-2023 11:47 AM |
| Date Last Visited | 05-11-2023 09:36 AM |
| Posts | 9 |
05-11-2023
06:16 AM
We are attempting to deploy defenders in Kubernetes. We are cloud hosted prisma console. And checked through the kubernetes requirements and those seem to meet.
Uploaded the twistcli and ran the script that we generated in the console. We got the following error:
failed to generate defender daemonset: Status: 401 Unauthorized POST https://us-west1.coud.twistlock.com/redacted/api/v30.00/defenders/daemonset.yaml failed. Error: invalid token
Any idea where I should look for troubleshooting.
... View more
03-09-2023
01:50 PM
Restarting the management process did the trick. I BELIEVE I had done a push to device, though I could be wrong.
Bonus question: Do you know if there is a way to automate adding a firewall to collector groups's device log forwarding section? These firewalls can be stood up or down so right now I think I'll have to add/remove them manually if there is a teardown event.
... View more
03-09-2023
05:16 AM
Hello again all,
My next hurdle is figuring out why my VM-Series firewalls aren't getting their logs to the panorama server.
I've checked the following soo far:
Network path between the firewalls and panorama look good. it's allowing ICMP and all TCP.
Managed collectors (local to this panorama an an HA panorama) show green, in sync, green health status.
There's just one collector group with with both of those collectors in it
I've added the VM-series firewalls into the Device log forwarding section on the collector group
In the firewall policies, there is traffic hitting them and the action is set to log and forward to a log forwarding profile
log forwarding profile has objects to forward all traffic and threat logs to panorama.
I'm unaware if I'm issuing any configuration points in the above.
If I go to the firewall and run a "debug management-server log-collector-agent-status" there are no agents listed. If I run a "show logging-status", I see a variety of collectors but they are all in a "lr - Inactive" state under connection status.
Any idea what I'm missing?
... View more
03-09-2023
04:52 AM
I eventually received a response from support. Apparently even though the API key looks different, it is still valid if generated on a device using a same user/password pair and then reused on a new device.
... View more
02-28-2023
05:04 AM
We are attempting to deploy Cloud Formation Templates to create the autoscaling groups and firewalls but there are some steps around API keys that are confusing. From the pictures seen below, we are being asked for API keys for the panorama, and for the firewalls, and then the csp lisence key. My confusion points are as follows:
1. For the firewall API keys, we can't generate those as the firewalls aren't stood up yet. It's a chicken-and-egg scenario where it's asking for them in order to stand them up...???
2. Not really sure why it's asking for the csp license key as another step has us create an authcodes file and put it in the /license folder in the bootstrap location in s3.
Any insight into this is much appreciated!
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-11-2023
09:36 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks