This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Ozamir
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Ozamir
14Posts
13Likes
1Solution
Last Visited
User
Activity
User
Profile
Latest posts by Ozamir
| Subject | Views | Posted |
|---|---|---|
| 1578 | 07-29-2020 12:45 AM | |
| 10768 | 06-03-2020 05:49 AM | |
| 17487 | 08-28-2018 11:13 PM | |
| 17499 | 08-28-2018 07:14 AM | |
| 3857 | 08-09-2017 02:15 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 5 Likes | 08-28-2018 11:13 PM | |
| 8 Likes | 08-09-2017 02:15 AM |
User Badges
Community Statistics
| Member Since | 02-29-2016 01:56 AM |
| Date Last Visited | |
| Posts | 14 |
| Total Likes Received | 13 |
06-03-2020
05:49 AM
Have anyone successfully implemented Group-Mapping with G-Suite?
... View more
08-28-2018
11:13 PM
5 Kudos
I have this working. In my case logrcv process was in "stopped" state. You can see that when issuing " show system software status" command. After restarting the process, I was able to commit. ("debug software restart process log-receiver") I also had to revert all changes made prior the process restart before I could commit. *** UPDATE *** The issue is back. I also noticed, there are no new logs being created, and no data can be seen in ACC and dashboard.
... View more
08-28-2018
07:14 AM
I also have this issue. Running 8.1.3 on PA-3020
... View more
08-09-2017
02:15 AM
8 Kudos
Hello, I wanted to share a solution I have implemented recntly. Bypassing SSL Decryption based on applications was a request I had from many customers. I know there is an FR for that. but until then, with PAN-OS 8, it is possible to achieve differently. I had a specific scenario where one of my customers had to connect to his customer's Pulse Secure SSL VPN device (collaboration feature). When using SSL Decryption on his PAN NGFW, the connection was failing and he had to manualy add the IP address of his customer to a bypass rule. when you have hundreds of customers using that solution, and you need to add their IP address manualy, it is becoming problematic. The idea is, dynamically adding the destination address to an SSL Bypass rule. Here is how it goes... Create a tag - Objects --> Tags: Create a Dynamic Address Group - Objects --> Address Groups Add the previously created tag's name as a match Create a decryption rule with the new Address Group object as a destination with a 'no-decrypt' action. (pay attention to rules order) Create a Log Forwarding profile with a filter that will catch a specific application ('secure-access' for my scenario). Use Traffic as the log type . Add a Built-in Action to tag the destination address Add the Log forwarding profile to the security rule that permitted the desired application originally. Commit Access the desired website (application), and verify the address has successfully been dynamically registered to the dynamic address group (click 'more'), and successfully SSL Bypassed. Please share your thoughts..
... View more
Contact Me
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks