Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- ›
- About FabioGarcia
About FabioGarcia
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
11-25-2020
57Posts
9Likes
4Solutions
Nov 25, 2020Last Visited
User
Activity
User
Profile
Latest posts by FabioGarcia
| Subject | Views | Posted |
|---|---|---|
| 1960 | 04-16-2020 01:59 PM | |
| 2175 | 04-09-2020 06:29 AM | |
| 1037 | 12-10-2018 11:47 AM | |
| 1061 | 11-23-2018 09:14 AM | |
| 1076 | 11-19-2018 02:47 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 2 | 07-12-2018 11:26 AM | |
| 1 | 06-10-2015 12:42 PM | |
| 1 | 10-13-2014 02:27 PM | |
| 1 | 03-07-2014 06:49 AM | |
| 2 | 02-04-2013 12:37 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 1 | |||
| 1 | |||
| 1 | |||
| 2 |
User Badges
Public Statistics
| Date Registered | 08-21-2012 10:59 AM |
| Date Last Visited | 11-25-2020 08:51 AM |
| Total Messages Posted | 59 |
| Total Likes Received | 9 |
04-16-2020
01:59 PM
Hello thanks for the feedback! I am attaching some log files
... View more
04-09-2020
06:29 AM
I am not able to install COrtex XDR in a WIN10 computer; When we try to start the service below we received error message 1067
... View more
12-10-2018
11:47 AM
hello thanks for the reply... but the VPN doesnt establish very well..... because of the worng behavior at public interface... INT 1/4 public IP is 200.200.200.2... gateway is 200.200.200.1 But that traffic from 1/4 (200.200.200.2) is going thru 1/5.... (NATed to 1/5 IP) and then VPN doesnt establish (the other side expect 200.200.200.2.... ) that is the main problem...
... View more
11-23-2018
09:14 AM
Hello.... we have 2 in HA... we deal with just 1... the active one...
... View more
11-19-2018
02:47 AM
Hello friends! We have now 3 ISPs, we started to use load balancing (all methoeds tested); Problem: Sometimes, packets from PA220, interface 1/4 (ISP 1), goes out to internet thru interface 1/5 (ISP 2). User's traffic with no problem.. But PA220 internet traffic (VPN establishment for example) is inconsistent. PA220 VPN initial IKE traffic example VPN Gateway A PA220 IP a.a.a.a (int 1/4) >>> peer IP b.b.b.b At monitor > traffic we see IP a.a.a.a (int 1/4) going thru int 1/5 VPN doesnt establish Scenario as per below: "VR-LAN" for LAN (lan interface + tunnel intrefaces) "VR-WAN" for Internet links (all default routes with same cost) Is there a way to internet traffic from PA220 be out of that load balacing ?
... View more
08-29-2018
04:44 AM
Hello Tahnks for the reply, I got problem solved using the following PAN-OS 8.0.9 UIA 8.0.10-7 Reboot all Domain Controllers Disabling angentless configuration at PA boxes Right now using only UIA as user ID method
... View more
08-22-2018
04:47 AM
Hello, thanks for the suggestion... we did the upgrade to 8.1.1 but didint solve the problem.. we still see the machine-names at our logs... "username sec rules" are not working anymore... Also, when we see logs at UIA, all the usernames seems to be OK... now, after 8.1.1 upgrade in different formats... but that doesnt reflect at PA Box...
... View more
08-21-2018
12:16 PM
Hello All, BOX 3020, with PANOS 8.0.9 with USER-ID problems Some IPs are mapped to machine names... not anymore to users... admin@BRFW-3020-02(active)> show user ip-user-mapping all | match bres 172.26.20.116 vsys1 UIA XXXXXXXX\bresd11192$ 42609 42609 172.26.20.68 vsys1 UIA XXXXXXXX\bressd14056$ 43167 43167 172.26.52.36 vsys1 UIA XXXXXXXX\bresd15005$ 41989 41989 172.26.17.170 vsys1 UIA XXXXXXXX\brespd11294$ 42671 42671 172.26.20.145 vsys1 UIA XXXXXXXX\bresl14019$ 42577 42577 172.26.17.130 vsys1 UIA XXXXXXXX\brespd11355$ 42577 42577 172.26.20.61 vsys1 UIA XXXXXXXX\bressd14053$ 42757 42757 172.26.28.175 vsys1 UIA XXXXXXXX\bresl14114$ 42457 42457 172.26.13.146 vsys1 UIA XXXXXXXX\bressl15179$ 35664 35664 172.26.28.62 vsys1 UIA XXXXXXXX\bressd11218$ 43194 43194 172.26.28.151 vsys1 UIA XXXXXXXX\bressl14038$ 43037 43037 172.26.20.184 vsys1 UIA XXXXXXXX\bresd14173$ 42064 42064 Other IPs show up OK 172.26.50.206 vsys1 UIA XXXXXXXX\xxxxxxx.sousa 31177 31177 192.168.89.185 vsys1 UIA XXXXXXXX\xxxxxxx.bisel 25919 25919 172.26.50.222 vsys1 UIA XXXXXXXX\xxxxxx.pereira 40296 40296 172.26.8.10 vsys1 UIA XXXXXXXX\xxxxxxx.lugao 41807 41807 172.26.8.86 vsys1 UIA XXXXXXXX\xxxxxxx.silveira 41768 41768 172.26.8.32 vsys1 UIA XXXXXXXX\xxxxxxx.andrade 41293 41293 172.26.50.51 vsys1 UIA XXXXXXXX\xxxxxxx.borges 40227 40227 172.26.33.197 vsys1 UIA XXXXXXXX\xxxxxx.rojas 8057 8057 172.26.50.47 vsys1 UIA XXXXXXXX\xxxxxx.silva 42116 42116 172.26.50.126 vsys1 UIA XXXXXXXX\xxxxx.rodrigues 42881 42881 172.26.19.15 vsys1 UIA XXXXXXXX\bakman 42548 42548 172.26.8.13 vsys1 UIA XXXXXXXX\xxxxx.estrella 37654 37654 172.26.50.147 vsys1 UIA XXXXXXXX\xxxxxx.leite 41228 41228 172.26.4.162 vsys1 UIA XXXXXXXX\xxxxxx.magalhaes 42199 42199 x172.26.53.182 vsys1 UIA XXXXXXXX\xxxxxx.hmc 42412 42412 172.26.20.177 vsys1 UIA XXXXXXXX\xxxxx.silva 27856 27856 At Domain Controllers, UIA seems to be working fine
... View more
- Tags:
- user-id uia
07-12-2018
11:26 AM
2 Kudos
Dears I found the problem The Captive Portal URL was modified in Version 8.X Captive portal URL PANOS v7.x https://X.X.X.X:6082/php/uid.php?vsys=1&url=http://www.URL.com Captive portal URL PANOS v8.x https://X.X.X.X:6082/php/uid.php?vsys=1&rule=&url=http://www.URL.com
... View more
06-22-2018
10:38 AM
Dears, PA220 with interfaces as per below ethernet1/4 19 1 Local-Network vr:RT-LAN 0 172.26.57.1/25 ethernet1/5 20 1 Local-Network vr:RT-LAN 0 172.26.57.129/26 ethernet1/7.105 269 1 Local-Network vr:RT-LAN 105 172.26.59.1/27 ethernet1/7.106 270 1 Local-Network vr:RT-LAN 106 172.26.59.97/27 Captive portal already configured and we double checked everything... All looks good. PA220, PanOS 8.0.8 All tries to access Captive Portal shows up error message: 500 Internal Server Error - We tried to access all IPs with mgnt profile "response pages" - Redirect is OK, but users face that error message - Already tried restart web-server process and mgnt server process - This has nothing to do with HTTPS Certificate distribution, that is just a test forcing Caotive portal to show up (works on any other box we have) Test #1 ip 172.26.57.1 port 6082 Test #2 ip 172.26.57.129 port 6082 Test #3 ip 172.26.59.1 port 6082 Test #4 ip 172.26.59.97 port 6082
... View more
05-03-2018
07:27 AM
Hello Everyone! Site with 2 X PA500 in HA 2 Internet Links PANOS 7.1.16 ISP1 - 187.190.74.22 (internet dedicated) ISP2 - 192.168.0.66 (DSL link) Config done Virtual Router 1 - RT-LAN Virtual Router 2 - RT-WAN @RT-LAN 0.0.0.0/0 points to next VR "RT-WAN" @RT-WAN 0.0.0.0/0 points to 1/1, next hop 187.190.74.1, metric 10 0.0.0.0/0 points to 1/2, next hop 192.168.0.254, metric 10 Sec Rules OK, NAT rules OK Problem description: For some reason, PA500 just uses ISP1. If we go to routing table we see both paths OK... both 0.0.0.0 routes pointing to both ISPs, with "A S E" flags If we try to trace from public ISP2 interface, PA500 sends the packets to ISP1 admin@FW-0001> traceroute source 192.168.0.66 host 8.8.8.8 >>>>>ISP2 interface traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 40 byte packets 1 rindal-virtual-ethernet1-1-3.1664.totalplay.com.mx (187.190.74.3) 8.154 ms 7.897 ms 8.012 ms >>>>>ISP1 GW 2 10.180.59.84 (10.180.59.84) 3.950 ms 3.842 ms 3.899 ms 3 10.180.59.85 (10.180.59.85) 3.124 ms 3.147 ms 3.249 ms ^Cadmin@FW-0001> We have another box in PANOS 8.0.6 confugured the samw way... and the behavior is 100% OK >> ping from src ISP1 always goes out thru ISP1 link >> ping from src ISP2 always goes out thru ISP2 link Is there any ECMP BUG related to PANOS 7.1.16 ? Is there any other best practices to follow ? Thanks in advance!
... View more
03-29-2018
12:59 PM
Hello, We found some BGP routes with same AS we are using at our PA3020. PA3020 AS 65400 BGP route (from Cisco Router) * 172.27.0.0/20 193.242.39.6 0 65394 65390 8035 21302 65400 65316 64540 4755 4755 i Usually with Cisco routers we use the command neighbor X.X.X.X allow-as in What is the command in Palo Alto Fw ? Thanks!!
... View more
05-22-2017
06:34 AM
Hello, We use panorama. Why we see some URL Filtering version numbers in RED at "Managed Devices" ? (Some boxes have older versions and are not RED....)
... View more
03-23-2017
05:39 AM
Dears, we have a PA3020 Box already configured. We imported that config to Panorama (creating a new device group & template by default). We didnt mark "sharing" so the device group has unique objects Then we clanup the policies and objects to keep only the configuration base (kept only tags, address, address groups, app groups/filters etc) We inserted a new box in that device group and tried to commit device group (to push all that objects to the new box...) We received a commit failed saying the box already have some TAGs with same name also some APP error tag -> INTERNA 'INTERNA' is already in use application -> custom-app-spedfisc_5 'custom-app-spedfiscal_5' is already in use . What arethe best practicies to do this kind of job? Populate a new box with all these obects without an commit failing errors (like tags, apps ) ?
... View more
- Tags:
- panorama
02-06-2017
09:32 AM
Hello, When trying to renew some certificates (already expired and signed by a internal windows server) we receive the error message below: "Failed to write issuer certificate to disk" This is a VM-100 model We have other boxes (PA200 and 3020) with the same scenario (certificates signed by windows server and uploaded to PA box) that can be renewed without any problem... Does anyone has ever faced that problem ?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
11-25-2020
08:51 AM
|
Latest Blogs
Latest Posts
Copyright 2007 - 2021 - Palo Alto Networks
