Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About SThatipelly
About SThatipelly
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
3 weeks ago
188Posts
4Likes
2Solutions
Aug 28, 2020Last Visited
User
Activity
User
Profile
Latest posts by SThatipelly
| Subject | Views | Posted |
|---|---|---|
| 242 | 08-17-2020 07:31 AM | |
| 336 | 08-14-2020 06:35 AM | |
| 360 | 08-11-2020 06:16 AM | |
| 840 | 08-03-2020 12:36 PM | |
| 977 | 07-28-2020 06:38 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 | 10-14-2019 06:37 AM | |
| 1 | 04-11-2019 08:27 AM | |
| 1 | 02-26-2019 05:38 AM | |
| 1 | 01-22-2019 06:39 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 5 | |||
| 1 | |||
| 1 | |||
| 1 | |||
| 1 |
User Badges
Public Statistics
| Date Registered | 08-03-2017 01:42 PM |
| Date Last Visited | 3 weeks ago |
| Total Messages Posted | 191 |
| Total Likes Received | 4 |
08-17-2020
07:31 AM
@BPry No, its the other way around. Them coming to my LAN.
... View more
08-14-2020
06:35 AM
how to check IPSEC VPN counters in CLI for a specific destination IP address? Peer is claiming the traffic is leaving their firewall but I don't see it on my pcaps and logs. How do I verify the traffic is actually passing through the VPN and hitting the tunnel? I have hundreds on server in the proxy-id as I have a /12 as the destination. Thanks.
... View more
08-11-2020
06:16 AM
@vsys_remo I'm running 9.0
... View more
08-03-2020
12:36 PM
I have decryption turned ON for outlook.office365.com url but firewall cannot really inspect the contents that are inside the email. Is it because Microsoft encrypts the email and Palo doesn't know how to decrypt it? has anyone tried decrypting outlook email traffic and successfully log the data files inside them?
... View more
07-28-2020
06:38 AM
@OtakarKlier I was able to successfully implement the firewalls yesterday. Thanks all for your help. cheers 🙂
... View more
07-24-2020
08:28 AM
@OtakarKlier to achieve True DMZ setup.
... View more
07-24-2020
05:49 AM
@OtakarKlier No, I am not replacing 5020s. I am inserting a pair of 5220s behind the 5020s.
... View more
07-24-2020
05:48 AM
@raji_toor Thanks. I am not looking to have 2 interfaces up and running at same time. I just want to have 2 interfaces in same zone for seamless cutover. I would think that doesn't create any issues during the cutover. ??
... View more
07-23-2020
07:55 AM
Will Firewall let me configure same security zone to 2 interfaces but make a decision to egress the traffic based on the route table? TIA.
... View more
06-28-2020
07:43 PM
has anyone noticed that globalprotect portal allows a user to download the software without authentication? I'm running 5.0.4. Here's the exact link: https://{IP/FQDN}/global-protect/getsoftwarepage.esp .
... View more
06-28-2020
07:25 PM
yeah I'm trying to do that but Palo auto creates space between lines despite I remove the spaces and form it into a single line using notepad. When i try to clear the space at the end of the line, it deletes the letter instead of space. Has anyone noticed this?
... View more
06-26-2020
12:36 PM
I'm trying to send syslog to Qradar. As part of this, Qradar asked me to remove the spaces in the LEEF format but when I enter a single into GUI, spaces are auto created. How to remove them and feed as a single line in Palo? can I do it via CLI instead?
... View more
06-09-2020
12:22 PM
I am forwarding netflow to NAC device which then detects endpoints based on netflow data. But it is detecting obsolete hosts in the dest IP fields as live hosts nd casuing lot of false positives. Is there a way I can instruct firewall to send just source fields in netflow export? Thanks.
... View more
04-29-2020
08:21 PM
I have 15 proxy-ids in the vpn tunnel whose peer is checkpoint firewall. Just one out of 15 usually remains really busy and lot of traffic get encap/decap on it. Remote users accessing resources within other 14 proxy-ids have absolutely no issues but they occasionally loose connectivity to those that are in the busiest proxy id and it recovers back automatically after 45-60mins. My VPN settings are as below: Phase 2: No PFS, No lifesize , Lifetime:1hr Phase 1: Group 5, Lefiteime:24hrs I started to assume it's because the bytes inside the proxy id is reaching the max limit and fails until a phase 2 rekey(1hr) happens. can someone let me know if I'm right in my assumption? if it's so, I can think of 2 solutions: 1.enforce lisize settings to say 1000MB so tunnel rekeys automatically. 2. bifurcate the local network (/24) in the proxy id into smaller chunks( two /25s) . Pls validate. Thanks in advance.
... View more
04-21-2020
01:21 PM
I configured the portal to use LDAP authentication and set "remember username". Configured gateway to use RADIUS authentication thus satisfying MFA requirement. but I'm running into an issue where GP is not prompting the user for portal authentication after the user logout and retries in some time. He is just being prompted for gateway authentication. How can I resolve this?
... View more
04-07-2020
05:34 AM
@vathreya Thanks but the article talks about having 2 OTPs. Can I replace the portal auth with LDAP and save the username and have RADIUS token on gateway?
... View more
04-06-2020
01:20 PM
@vathreya I don't think RADIUS server can do that. isn't that more of a MFA vendor like DUO feature? If portal cannot enforce 2 auths, I'm wondering if I can set the portal authentication to AD and use the same username and prompt for RADIUS password for gateway?
... View more
04-06-2020
11:59 AM
@vathreya yes, that's right.
... View more
04-06-2020
11:34 AM
I am currently using Digipass Vasco OTP as RADIUS for Globalprotect. Users just put in their LDAP username and the OTP to login. I'm looking to add another factor i.e LDAP username and password before they get prompted for RADIUS token. Pls help me configure this. thanks.
... View more
03-23-2020
11:22 AM
I have GP users whose logs show multiple attempts to public IPs on port 137. I have checked this KB https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClLfCAK and made sure user-id is not enabled on Internet interface but I have it enabled on GP interface.Image above shows the NBNS pcap captured on firewall.Anyone experiencing this?
... View more
03-20-2020
07:30 AM
@OtakarKlier thanks. I thought of the same solution but wanted to get an opinion before bringing into prod.
... View more
03-18-2020
12:53 PM
I have 4 public IP addresses that are needed to NAT to a one single private IP server in DMZ. They all listen on same port and same application. Anyway I can get this done without greatly impacting users? Thanks.
... View more
03-17-2020
02:33 PM
@vsys_remo @JoergSchuetter thanks for your responses. Do I need to purchase GP gateway license to enable support for Linux?
... View more
03-17-2020
02:03 PM
I have a consultant who is asking if the Global Protect VPN would connect with an OpenVPN-based client? I suspect he is working from a Linux PC. does Palo support it?
... View more
01-22-2020
07:03 AM
@BPry Sorry for my poor explanation. As you might already know, there is a critical zero day bug discovered in IE browser and Mircosft hasn't come up with patch yet. So in the meantime, I would like to block all access to internet from IE browsers. After following your suggestion, I am able to block around 60% of the decrypted traffic. But for some sites like twitter, google etc, application still shows twitter-base and google-base although the user-agent string matches my custom IE application and are being allowed. I made sure they are decrypted.
... View more
01-22-2020
06:50 AM
@BPry Yes the application is matching IE traffic but not matching google searches although they are decrypted.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
3 weeks ago
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
