This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About rufusleonard
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About rufusleonard
07-26-2021
3Posts
0Likes
0Solutions
Jul 26, 2021Last Visited
User
Activity
User
Profile
Latest posts by rufusleonard
| Subject | Views | Posted |
|---|---|---|
| 3311 | 03-10-2017 08:54 AM | |
| 3431 | 02-05-2016 09:03 AM | |
| 3445 | 02-05-2016 06:26 AM |
User Badges
Community Statistics
| Member Since | 02-05-2016 05:58 AM |
| Date Last Visited | 07-26-2021 01:35 PM |
| Posts | 3 |
03-10-2017
08:54 AM
First time doing this and I'm fairly familiar with HTML and CSS however I'm not sure how to target Subcategories Is there a way to target Subcategories when using a custom response page? The online documentation only mentions <category/> also do you upload the file as a .txt or .html file? this is what I have in the script part <div id="content"> <p><img src="http://example.com/test.jpg"</img></p> <script type="text/javascript"> var cat = "<category/>"; switch(cat) { case 'file-sharing': document.getElementById("content").innerHTML = "file-sharing"; break; } </script> </div>
... View more
- Tags:
- response page
02-05-2016
09:03 AM
Thanks foryour swift reply. So when you say link down wity ECMP, I'm assuming that's just the interface reporting as down?
If so, can it be configured to failover to the other link on link/interface failure, and what happens when a clustered 3020 is set-up?
Thanks again,
John
... View more
02-05-2016
06:26 AM
Hi,
We are moving from Juniper ScreenOS SSG firewalls to PanOS 7.0.4, 3020 clustered firewalls.
On our Junipers we make use of a feature called track-ip for Interface failover between ISP's...This basically works by pinging a far device on the primary link, and after the PING failure limits being exceeded, the default route changes to that of our secondary ISP link/interface.
I'm not talking about VPN failover here, but default route / link failure/failover.
I asked this of Palo Alto support but got the following response: "The Path Monitoring feature monitors the full path through the network to mission-critical IP addresses to control failover. ICMP pings are used to verify reachability of the IP address. The default behavior is any one of the IP addresses becoming unreachable will cause the device to change the HA state to non-functional to indicate a failure of a monitored object."
This to me very much looks like a HA state config, and nothing to do with ISP link failover.
Upon speaking to someone else who is Palo accredited, they suggested using PBF, but I really don't like PBF. They then said that PanOS has a new feature called 'ECMP' and we might be able to make use of that?
Can anyone advise of a similar option of the Juniper ScreenOS 'track-ip' on the Palo Alto's?
Will ECMP work?
Is there and alternative, other than PBF?
Thanks,
John
... View more
Labels:
- Labels:
-
Configuration
-
High Availability
-
Network
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
07-26-2021
01:35 PM
|
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks