This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
About PatrickWalton
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About PatrickWalton
03-03-2022
6Posts
1Like
0Solutions
Mar 03, 2022Last Visited
User
Activity
User
Profile
Latest posts by PatrickWalton
| Subject | Views | Posted |
|---|---|---|
| 932 | 06-19-2018 09:32 AM | |
| 1428 | 05-29-2018 11:18 AM | |
| 1440 | 05-29-2018 09:49 AM | |
| 3266 | 05-13-2016 11:18 AM | |
| 10716 | 05-13-2016 10:54 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 05-29-2018 11:18 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 04-01-2016 09:33 AM |
| Date Last Visited | 03-03-2022 03:35 PM |
| Posts | 6 |
| Total Likes Received | 1 |
06-19-2018
09:32 AM
I may have a use case to redirect traffic being sourced external to my network to another external destination. Based on the structure of the PBFpolicies it looks like I could do this and simply forward the traffic to another destination ip (not domain name). I can't find any concrete data points that would indicate this is not possible, but wanted to see if anyone else had done it before. Is it possible to do this?
... View more
05-29-2018
11:18 AM
1 Kudo
Thank you @reaper!!! This is exactly what I was hoping for and answers my newb question 🙂
... View more
05-29-2018
09:49 AM
We recently upgraded our Panorama M-100 to 8.0.9. After doing so, we now see these commit options: I've always been very weary of centralized firewall management after seeing a coworker push a bad config before to multiple devices. I'm a bit hesitant to click on anything that "pushes" to devices without being able to preview the configuration being pushed. This is probably a stupid question, but bear with me - when I click on the "push to devices" or "commit and push" options, do I still have the option to preview the changes being made, or does it immediately begin the commit/push process to the managed devices? Previously in 7.1.x you could click the commit button and a dialog window would open up. You could select the scope of the commit with a radio button and preview the changes to be made to each managed device one by one.
... View more
05-13-2016
11:18 AM
Is it possible to setup a vpn tunnel for yourself, then ssh to an inside management ip? I would be careful opening any external port up for management, especially if you use local authentication credentials.
... View more
05-13-2016
10:54 AM
When I look under Monitor -> Logs -> System, I see the following:
1. ipsec-key-delete: IPSec key deleted. Deleted SA <SA info> SPI:<hex dump>
2. ike-nego-p2-succ: IKE phase-2 negotiation is succeeded as responder, quick mode. Established SA <SA info> SPI: <hex dump>
3. ipsec-key-install: IPSec key installed. Installed SA <SA info> SPI: <hex dump>
We have several site to site tunnels on this firewall, some of them with multiple proxy id's. If I filter based on one specific proxy id, I see it going through this process frequently. Sometimes it is multiple times per minute, sometimes it goes ~5 minutes or so. The same occurs for numerous other proxy id's.
Is this something to be concerned about? It seems that I'm receiving delete messages that correspond to this behavior:
ike-recv-p2-delete: IKE protocol IPSec SA delete message received from peer. SPI: <hex dump>
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks