Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- ›
- About raji_toor
About raji_toor
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
yesterday
232Posts
11Likes
4Solutions
Jan 22, 2021Last Visited
User
Activity
User
Profile
Latest posts by raji_toor
| Subject | Views | Posted |
|---|---|---|
| 330 | 12-02-2020 08:59 AM | |
| 505 | 12-01-2020 09:45 AM | |
| 384 | 12-01-2020 07:18 AM | |
| 484 | 11-30-2020 10:01 AM | |
| 218 | 11-27-2020 11:24 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 2 | 12-01-2020 09:45 AM | |
| 1 | 06-01-2020 02:41 PM | |
| 1 | 08-11-2020 04:24 PM | |
| 1 | 11-04-2019 10:24 AM | |
| 1 | 11-01-2017 08:46 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 1 | |||
| 6 |
User Badges
Public Statistics
| Date Registered | 02-10-2017 09:47 AM |
| Date Last Visited | yesterday |
| Total Messages Posted | 235 |
| Total Likes Received | 11 |
12-02-2020
08:59 AM
So I found this(https://github.com/zepryspet/GoPAN) to pull zone based CPS stats using snmp and I was also able to map this SNMP in PRTG as well. But pulling data using GoPan gave more data than PRTG as poll interval is much faster for GoPan. I have to manually sort data though I still don't get how netflow is usefull, all I see is bandwidth for HTTPS on filtering for the particular server. @BPry or someone else can suggest what i should be doing for sever CPS calculation
... View more
12-01-2020
09:45 AM
2 Kudos
@ce1028 You don't need to assign any IP form the new range to your interface if your ISP is advertising it for you over the internet. Just add a static route for the new IP range towards the external interface. Rest is usual Nat and security policy. That is ISP is advertising that this 15.1.1.0/27 subnet can be reached through your link. You also point it towards your external link and use the IP's from that range in NAT and security policies.
... View more
12-01-2020
07:18 AM
@BPry I have setup netflow with PRTG but not sure what I am looking for in here that can give me the numbers to use for in the DoS profile. Screenshot from Top Connections Also I can script it as well but what do I do with this. Do I count the number of sessions to the server at regular interval for this output. show session all filter destination X.X.X.129 -------------------------------------------------------------------------------- ID Application State Type Flag Src[Sport]/Zone/Proto (translated IP[Port]) Vsys Dst[Dport]/Zone (translated IP[Port]) -------------------------------------------------------------------------------- 1368583 ssl ACTIVE FLOW ND 113.173.225.13[51541]/EXTERNAL/6 (113.173.225.13[51541]) vsys1 X.X.X.129[443]/DMZN (192.168.8.30[443]) 140406 ssl ACTIVE FLOW ND 209.121.37.106[52465]/EXTERNAL/6 (209.121.37.106[52465]) vsys1 X.X.X.129[443]/DMZN (192.168.8.30[443]) 1381933 ssl ACTIVE FLOW ND 96.48.142.40[60647]/EXTERNAL/6 (96.48.142.40[60647]) vsys1 X.X.X.129[443]/DMZN (192.168.8.30[443]) 1594610 ssl ACTIVE FLOW ND 50.98.173.15[61753]/EXTERNAL/6 (50.98.173.15[61753]) vsys1 X.X.X.129[443]/DMZN (192.168.8.30[443]) 3862404 ssl ACTIVE FLOW ND 50.68.197.84[55053]/EXTERNAL/6 (50.68.197.84[55053])
... View more
11-30-2020
10:01 AM
'Log at Session End, captures the number of connections at the session end." I am little confused by this statement. How does 'Log at Session End' help in calculating CPS for a server. https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/zone-protection-and-dos-protection/zone-defense/take-baseline-cps-measurements-for-setting-flood-thresholds/how-to-measure-cps.html And what other method can I specifically use on the firewall for CPS calculation for a specific server.
... View more
11-27-2020
11:24 AM
Thanks @BPry It seems Microsoft has dropped the on-prem MFA server installation aswell. So i guess my only option is to either use NPS directly/indirectly.
... View more
11-26-2020
04:00 PM
I am building this new but don't have concrete steps to start with. What I understand until now is that we need NPS extension for MFA to work with Azure. We last year moved away from NPS as our radius server to Cisco ISE. So do I have to figure out how to integrate ISE with Azure or do i have no choice but to implement NPS to get this working.
... View more
11-26-2020
03:00 PM
@kiwi Yes i had got it working like this but it gives control on the whole tunnel but not per user. I guess for per user control i would need to create separate policies for each user.
... View more
11-26-2020
02:51 PM
@BPry i put a continuous ping the destination server from the client PC. 1 ping drop occurred but did not stop stop transfer until later. no ping drop and it still drops.
... View more
11-24-2020
09:17 AM
If i am not wrong it should be a dns name and not IP in there although it doesn't stop you from entering IP
... View more
11-24-2020
09:15 AM
@JeffKim CPS you are seeing in chrome are averaged over time so you don't see small bursts in that, while the threat log is more accurate in telling you that it did reach your alarm/activate/drop thresholds.
... View more
11-23-2020
10:44 PM
@Jafar_Hussain Your screenshot shows you are accessing it by IP, instead you should be accessing it by the common name you have set while creating cert.
... View more
11-23-2020
11:05 AM
We have some users that need to transfer large files on-preemies. When copying files shortly between 5-20% data transfer this error is thrown. Files are MultiGig in size. Small file around 100M that I tested did not show this error. Copying to the same file share from within on-prem network does not give this error. I have tried changing mtu as per this article and that also did not help. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPbZCAW
... View more
11-20-2020
02:32 PM
We have a use case where many users need to upload files on premises and these are very large video files to on-premises. We want to rate limit/control the organization bandwidth consumed by these users. What are our options. Also we use subinterfaces so there is a QoS already in use for rate limiting traffic traffic to another campus. How can we rate limit incoming traffic both incoming and outgoing are subinterfaces under the same physical interface.
... View more
11-10-2020
10:41 AM
@BPry I understand it can be different for classified depending server/application itself, but am I right in my understanding of aggregate vs zone protection profiles.
... View more
11-09-2020
08:55 AM
We have separate zone protection profiles for each zone. And the definition of aggregate says that "all thresholds apply to the entire group of devices specified in a DoS Protection policy rule". So if we are trying to protect servers in DMZ, unless we use smaller groups (for which our environment doesn't seem to have a usecase). Do we even need to use Aggregate DOS protection. Only using Classified seems more appropriate in this scenario, Also as i understand, I should be able club multiple DMZ servers in same DOS policy and the thresholds will apply to each server individually.
... View more
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
