Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About raji_toor
About raji_toor
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Friday
150Posts
7Likes
2Solutions
May 29, 2020Last Visited
User
Activity
User
Profile
Latest posts by raji_toor
| Subject | Views | Posted |
|---|---|---|
| 57 | Wednesday | |
| 173 | a week ago | |
| 126 | 2 weeks ago | |
| 220 | 2 weeks ago | |
| 172 | 2 weeks ago |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 11-04-2019 10:24 AM | |
| 1 | 11-01-2017 08:46 AM | |
| 1 | 07-17-2019 02:25 PM | |
| 1 | 06-12-2019 02:33 PM | |
| 1 | 11-22-2018 07:54 AM |
User Badges
Public Statistics
| Date Registered | 02-10-2017 09:47 AM |
| Date Last Visited | Friday |
| Total Messages Posted | 153 |
| Total Likes Received | 7 |
Wednesday
@pkumar2 Thanks for pointing out, it is not set to 636. But should it not attempt ssl on 389 even if i don't change the port. I dont see that.
... View more
a week ago
Firewall B which is receiving user-ID from another firewall A using redistribution, and it seems to be adding dynamic IP's as well. Below is the output from firewall B, after i cleared registered IP's. And firewall B does not have any mechanism configured for Dynamic Address Groups. ______________________________________________ show object registered-ip all registered IP Tags ---------------------------------------- ----------------- 162.243.137.90 * "BLK-NON-CA-PORT (never expire)" "BLK-NON-CA-PORT-US (never expire)" 92.63.196.3 * "BLK-NON-CA-PORT (never expire)" "BLK-NON-CA-PORT-RU (never expire)" Total: 2 registered addresses *: received from user-id agent #: persistent
... View more
2 weeks ago
@reaper Yes it is with serail. My mistake i removed serial from last pasted output r@Panoramanv1> show logging-status device 0123456789 Type Last Log Rcvd Last Seq Num Rcvd Last Log Generated Source IP : Default Destination IP : cms0 Source Daemon : logrcvr Connection Id : 0123456789-log-collection-lr-cms0-def Log rate: 0 config N/A N/A N/A system N/A N/A N/A threat N/A N/A N/A traffic N/A N/A N/A hipmatch N/A N/A N/A gtp-tunnel N/A N/A N/A userid N/A N/A N/A iptag N/A N/A N/A auth N/A N/A N/A sctp N/A N/A N/A Source IP : Default Destination IP : cms0 Source Daemon : mgmtsrvr Connection Id : 0123456789-log-collection-ms-cms0-def Log rate: 0 config N/A N/A N/A system N/A N/A N/A threat N/A N/A N/A traffic N/A N/A N/A hipmatch N/A N/A N/A gtp-tunnel N/A N/A N/A userid N/A N/A N/A iptag N/A N/A N/A auth N/A N/A N/A sctp N/A N/A N/A
... View more
2 weeks ago
We had to rebuild Panorama from new OVA file. It is on version 9.0.8 and running on vmware. Firewalls are all in-sync This is the disk status on panorama adm-rajrupindertoor@Panoramanv1> show system disk-space Filesystem Size Used Avail Use% Mounted on /dev/root 8.0G 3.4G 4.3G 45% / none 7.9G 68K 7.9G 1% /dev /dev/sda5 24G 9.3G 14G 41% /opt/pancfg /dev/sda6 6.0G 1.8G 4.0G 31% /opt/panrepo tmpfs 7.9G 110M 7.8G 2% /dev/shm cgroup_root 7.9G 0 7.9G 0% /cgroup /dev/sda8 32G 798M 30G 3% /opt/panlogs /dev/loop0 9.9G 151M 9.2G 2% /opt/logbuffer /dev/sdb1 1.7T 77M 1.7T 1% /opt/panlogs/ld1 On panorama this command shows all as N/A show logging-status device Serial Type Last Log Rcvd Last Seq Num Rcvd Last Log Generated Source IP : Default Destination IP : cms0 Source Daemon : logrcvr Connection Id : 0123456789-log-collection-lr-cms0-def Log rate: 0 config N/A N/A N/A system N/A N/A N/A threat N/A N/A N/A traffic N/A N/A N/A hipmatch N/A N/A N/A gtp-tunnel N/A N/A N/A userid N/A N/A N/A iptag N/A N/A N/A auth N/A N/A N/A sctp N/A N/A N/A Source IP : Default Destination IP : cms0 Source Daemon : mgmtsrvr Connection Id : 0123456789-log-collection-ms-cms0-def Log rate: 0 config N/A N/A N/A system N/A N/A N/A threat N/A N/A N/A traffic N/A N/A N/A hipmatch N/A N/A N/A gtp-tunnel N/A N/A N/A userid N/A N/A N/A iptag N/A N/A N/A auth N/A N/A N/A sctp N/A N/A N/A Error message on firewalls when old panorama was shutdown. opaque: FW has lost connection to panorama, no log will be forwarded Also on panorama log storage setting shows only this much space, although 2TB disk is attached(Thin provisioned), sdb1 in output above
... View more
2 weeks ago
We want enable LDAP-SSL and i have checked the require SSL/TLS setting in the LDAP profile. I don't see any TCP/636/SSL traffic to the DC from firewall. I only see TCP/389/LDAP traffic, what i am missing.
... View more
2 weeks ago
@BPry No it was it all that GUI displayed. However Tech-support has pointed me to this. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPReCAO
... View more
2 weeks ago
We are seeing bunch of Microsoft office 365/teams related traffic categorized as vulnerable/virus. But we don't find anything malicious about it, although it is being dropped.
... View more
2 weeks ago
I am getting below message at around 70% Operation Software Install Status Completed Result Failed Details Failed to install 9.0.8 with the following errors. SW version is 9.0.8 Installing [content ] into partition "pancfg" Nothing to install into /mnt/swm/pancfg/... Installing [maint ] into partition "maint" Nothing to install into /mnt/swm/maint/... Manifest component "dynamic" unknown, skipping Installing [panos ] into partition "sysroot1" Installing packages into /mnt/swm/sysroot1/... Installing: filesystem-3.2-30.pan Installing: libgcc-4.8.5-4.el7 Installing: ncurses-base-5.9-15.pan Installing: centos-release-7-2.1511.el7.centos.3 Installing: setup-2.8.71-8.pan Installing: filesystem-3.2-30.pan Installing: bind-license-9.9.4-31.pan Installing: fontpackages-filesystem-1.44-9.pan Installing: dejavu-fonts-common-2.33-7.pan Installing: basesystem-10.0-8.pan Installing: tzdata-2018g-1.pan Installing: nss-softokn-freebl-3.16.2.3-15.pan Installing: glibc-common-2.17-110.pan Installing: glibc-2.17-110.pan Installing: libstdc++-4.8.5-4.el7 Installing: ncurses-libs-5.9-15.pan Installing: bash-4.2.46-21.pan Installing: pcre-8.32-16.pan Installing: xz-libs-5.1.2-13.pan Installing: libsepol-2.1.9-4.pan Installing: libselinux-2.2.2-11.pan Installing: zlib-1.2.7-15.pan Installing: libcom_err-1.42.9-8.pan Installing: libxml2-2.9.4-1.pan Installing: libuuid-2.23.2-32.pan Installing: grep-2.20-2.pan Installing: readline-6.2-11.pan Installing: bzip2-libs-1.0.6-13.pan Installing: popt-1.13-17.pan Installing: chkconfig-1.3.61-7.pan Installing: freetype-2.4.11-12.pan Installing: nspr-4.10.8-4.pan Installing: audit-libs-2.4.1-6.pan Installing: sqlite-3.7.17-8.pan Installing: tcp_wrappers-libs-7.6-78.pan Installing: expat-2.1.0-9.pan Installing: libattr-2.4.46-12.pan Installing: libcap-2.22-9.pan Installing: libacl-2.2.51-12.pan Installing: sed-4.2.2-6.pan Installing: nss-util-3.19.1-5.pan Installing: gawk-4.0.2-4.pan Warnings
... View more
3 weeks ago
When logging at session end, exporting logs does not help as a persistent session will not be in the log. Session browser does not show more than 1024 sessions and can't export to csv and can't filter by date. So i think best would be from cli but i i don't know how. @OtakarKlier Does this make sense.
... View more
3 weeks ago
How can we check from CLI sessions that have been running for hours or days.
... View more
3 weeks ago
@reaper Yes i did try check now even it wouldn't work. I proceeded with panorama reboot and it entirely failed. Involved TAC and had to factory reset and restore from backup config.
... View more
3 weeks ago
We have issues logging back to panorama and error message is authentication profile missing. I have opened a case but to me it looks most likely we have to rebuild or factory reset it. We do have the daily configuration backup .tgz file which contains xml files. What is the procedure to restore it.
... View more
3 weeks ago
@reaper 9.0 and 9.0.5 were already there and Panorama is active on 9.0.5 I was trying to upgrade to 9.0.8
... View more
4 weeks ago
8.1.0 is 782MB and 8.1.8 is 422MB. I deleted them both but i still cannot directly download 9.0.8 which is 423MB. I have also followed this KB and deleted content updates but still no go. Manual upload did work. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLSJCA4 Before upload show system disk-space Filesystem Size Used Avail Use% Mounted on /dev/root 3.8G 3.4G 223M 94% / none 1.9G 68K 1.9G 1% /dev /dev/sda5 7.6G 6.5G 682M 91% /opt/pancfg /dev/sda6 3.8G 1.4G 2.3G 37% /opt/panrepo tmpfs 1.9G 110M 1.8G 6% /dev/shm cgroup_root 1.9G 0 1.9G 0% /cgroup /dev/sdb1 1008G 600G 358G 63% /opt/panlogs
... View more
04-21-2020
07:55 PM
@SteveCantwell That is what i was planning to do, but i do not want to use my account key with admin privileges for this scheduled job. Do you know what is the least privilege role needed to Auto-Tag via API.
... View more
04-20-2020
10:39 AM
Is there a way to register auto tagged IP's in one firewall and be be registered in another.
... View more
04-17-2020
07:48 AM
Once TAB filter is set, I cannot modify the filter again. TAB filter area shows blank once filtered applied and i hit ok on the custom tab menu. Seems we have to do it right the first time and can never review what filter was applied. Tested both 9 and 8.1
... View more
04-07-2020
11:28 PM
What kind of least privilege account role would be needed for dagpusher. Also can minemeld read registered IP's from a firewall and use it in dagpusher/EDL
... View more
04-02-2020
07:35 AM
Just curious if there is another way to do it, without spending money.. I am pulling DAG blocked IPs from physical PA boxes using a python script, and then i am thinking of printing the formatted output in csv. This CSV will be used by a powershell script to create block rules in NSG in azure. I have python script in console and have tested adding rules to NSG via powershell, only thing remains is writing to and reading from both scripts. I know i can use python itself to do all in azure but doing with powershell seemed much easier.
... View more
03-27-2020
10:11 PM
@gfreeman i tried your code but it did not work for me. I tried to check if event the for loop gets executed it did not print 'TEST'. ET does not seem to like tostring/findall fw = Firewall('10.10.10.10',api_key='abcdefgh')
result = fw.op(cmd='show global-protect-gateway current-user')
print(type('result\n'))
# If you wanted to see the xml response as a string:
#print(ET.tostring(result, encoding='utf-8')
for elm in result.findall('./response/entry'):
print("\nTEST\n")
print(elm.attrib['name'] + ':')
for e in elm:
print(e.tag + ': ' + e.text)
... View more
03-27-2020
06:40 AM
5 days for this small piece of code...might not be the best way...but got it working as i would like it to...and can now use it possibly for something import pandevice
from pandevice import base
import xml.etree.ElementTree as ET
fw = pandevice.base.PanDevice('10.10.10.10',api_key='abcdefgh')
fcmd = fw.op(cmd='show global-protect-gateway current-user',xml=True)
str_xml = str(fwcmd,encoding='utf-8')
#print(str_xml)
xml_parser = ET.XMLParser()
xml_tree = ET.ElementTree(ET.fromstring(str_xml,xml_parser))
xml_root = xml_tree.getroot()
for elem in xml_root.iter():
if elem.tag != 'entry' and elem.tag != 'response' and elem.tag != 'result':
print(elem.tag,': ',elem.text)
else:
print('') result looks like this where elem.tag is the string on left and elem.text is the string on right of ':' domain : abc
islocal : no
username : xyz
primary-username : abc\xyz
computer : C_NAME
client : Microsoft Windows 10 Home , 64-bit
vpn-type : Device Level VPN
virtual-ip : 10.1.1.1
virtual-ipv6 : ::
public-ip : 2.2.2.2
public-ipv6 : ::
tunnel-type : SSL
public-connection-ipv6 : no
login-time : Mar.27 06:31:46
login-time-utc : 1585315906
lifetime : 7200
... View more
03-26-2020
09:11 PM
GlobalProtect fails mid way after connecting, remote sessions are opened and then suddenly everything stops working. On checking route table though it seems routes get removed. We have tried installing latest version global protect version 5.0 or 5.1. Host system is Windows 10 Home edition
... View more
03-25-2020
09:33 PM
@gfreeman I browsed API till vsys-name and there is nothing below it. Also i tried going up it still failed. Then i copied the text above and it showed results although not human readable
... View more
03-25-2020
09:21 PM
I am new to python. I am able to get results using op() method but not able to display or parse them to use meaningfully. fw = pandevice.base.PanDevice('10.10.10.10',api_key='abcdefgh')
fwcmd = fw.op(cmd='show global-protect-gateway current-user',xml=True)
print(type(fwcmd),"\n\n")
print(fwcmd) the result this yields is like <class 'bytes'>
b'<response status="success"><result>\n\t<entry>\n\t\t<domain>abc</domain>\n\t\t<islocal>no</islocal>\n\t\t<username>xyz.................... I would want a result that looks something like this and be able to easily operate on those results. Person ID: system
hostname: ABC-PAN
ip-address: 10.10.10.10
public-ip-address: unknown
netmask: 255.255.2255.0
default-gateway: 10.10.10.1
is-dhcp: False
ipv6-address: unknown
++ Above results i got using import pandevice
from pandevice import base
fw = pandevice.base.PanDevice('10.10.10.10',api_key='abdefgh')
jpfw = fw.show_system_info()
for p_id, p_info in jpfw.items():
print("\nPerson ID:", p_id)
for key in p_info:
print(key + ':', p_info[key])
... View more
03-23-2020
10:31 PM
Trying the API in browser. Clicking either submit or the URL give me error "show rule hit count op-command failed' Tried on 5250 multi-vsys and 220, both on 8.1.8-h5 https://PA/api/?REST_API_TOKEN=111111111&type=op&cmd=%3Cshow%3E%3Crule-hit-count%3E%3Cvsys%3E%3Cvsys-name%3E%3C%2Fvsys-name%3E%3C%2Fvsys%3E%3C%2Frule-hit-count%3E%3C%2Fshow%3E I managed to run the code and used on my firewall and was successful. But direct browsing fails. https://panos.pan.dev/docs/apis/panos_tutorials_rule_hit_count This uses <show><rule-hit-count><vsys><vsys-name><entry name='vsys1'><rule-base><entry name='security'><rules><all></all></rules></entry></rule-base></entry></vsys-name></vsys></rule-hit-count></show>"
... View more
03-19-2020
12:19 PM
Why there is no file information for what was detected as a virus(Virus/Win32.WGeneric.aiqckt). It shows under threat logs, but not wildfire logs.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
Friday
|
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
