This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About faizankhurshid
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About faizankhurshid
07-24-2018
47Posts
1Like
0Solutions
Jul 24, 2018Last Visited
User
Activity
User
Profile
Latest posts by faizankhurshid
| Subject | Views | Posted |
|---|---|---|
| 3561 | 07-22-2018 12:18 PM | |
| 3565 | 07-22-2018 09:44 AM | |
| 3725 | 07-14-2018 03:06 AM | |
| 5471 | 07-06-2018 11:38 PM | |
| 2999 | 07-06-2018 11:34 PM | |
| 5480 | 07-06-2018 08:05 AM | |
| 3166 | 07-06-2018 07:59 AM | |
| 3238 | 07-06-2018 03:09 AM | |
| 5677 | 07-06-2018 03:07 AM | |
| 3756 | 07-06-2018 01:24 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 03-27-2018 02:00 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like | |||
| 2 Likes | |||
| 2 Likes | |||
| 1 Like | |||
| 1 Like |
User Badges
Community Statistics
| Member Since | 02-10-2018 12:25 AM |
| Date Last Visited | 07-24-2018 08:06 AM |
| Posts | 47 |
| Total Likes Received | 1 |
07-22-2018
12:18 PM
@pulukas thank you. I got your point. But then I have to make two security rules right? one for vwire-10 (going to gateway of vlan10) and other policy is for vwire-20 (coming from gateway of vlan 20 to server? Also, if firewall is off path to core firewall, then I have to host vlan gateway also on L2 firewall for inter-vlan firewalling?
... View more
07-22-2018
09:44 AM
Hi All Can Palo Alto bridge two VLAN like VLAN 10 and VLAN 30 that have different subnets? or both VLAN should have same subnet? Basically what I want, I have VLAN 10 having subnet 10.10.10.0/24 and VLAN 30 having subnet 192.168.1.0/24. Both VLAN have gateway on core switch. How can I use Palo Alto firewall in layer 2 mode to do the firewalling between two VLAN
... View more
07-14-2018
03:06 AM
@Remo OK. The Qos requirement is, for traffic coming from LAN with marking af41 when goes to a particular IPSEC VPN tunnel then it should get real time priority and 2MB bandwidth. I know, 1- I have to make on Qos profile say 'VPN-QOS' for IPSEC VPN traffic, define class (say class 2) and assing priority and bandwidth. 2- I will make Qos policy and match dscp marking af41 and assign class 2 The question is when I apply Qos Profile on egress interface. There is option for clear text traffic and tunnel traffic. For tunnel traffic, I selected 'VPN-QOS'. For clear text traffic what I need to select? (as for clear text traffic, I do not want any Qos)
... View more
07-06-2018
11:38 PM
@BPry thanks. Is there any way to troubleshoot that my custom parser is matching (any CLI comamnd in firewall) or if my custom parser is not matching, then how can I troubleshoot this? Also from syslog, I noticed that username is in different line of log and IP is in different line of log? Does multiline matching is supported with syslog or I have to use SSL?
... View more
07-06-2018
11:34 PM
@BPry @Brandon_Wertz thanks. So one user can have mulitple IP but one IP can only be tied to one user? Like one single machine, mulitple account cannot be login simultaneously? It will give bind IP of machine to last login user?
... View more
07-06-2018
08:05 AM
@LukeBullimore Thanks but when I am running below command, I am seeing 'number of auth success messages 0) admin@PA-5050> show user server-monitor state Syslog2 UDP Syslog Listener Service is enabled SSL Syslog Listener Service is disabled Proxy: Syslog2(vsys: vsys1) Host: Syslog2(10.5.204.41) number of log messages : 6 number of auth. success messages : 0 Also, I am not able to see any user-ip mapping from syslog (even if it is wrong). So means messages are comming from syslog but parser should give me correct or wrong username/ip mapping?
... View more
07-06-2018
07:59 AM
@Brandon_Wertz Thanks. It make sense. Also for one user, I am seeing two IP and both source is AD. How is it possible? The user login on domain machine and one entry is showing IP of that machine. He is also login through remote access VPN (integrated with AD) and other entry showing IP is from remote pool. Any explaination of this?
... View more
07-06-2018
03:09 AM
Hello All If same user information is coming from AD and from other source like Cisco ISE syslog messages then which one takes preference in firewall? Also who can I verify that both sources are sending user/ip mapping? As I always see source AD using command 'show user ip-user-mapping'
... View more
07-06-2018
03:07 AM
Hello Syslog server is sending logs to firewall for user-ID parsing. 1- How can I verify that logs are receiving on firewall? 2- How can I test, my custom parser is working to identify the user/ip mapping?
... View more
07-06-2018
01:24 AM
Hi All I have four VPN sites and HQ with VOIP deployed. On HQ Palo Alto, I want if traffic come from LAN with some marking like 'af41' then give priority (real time) and copy the dscp marking when send across IPSEC VPN? -> For this, I have made one qos profile say 'vpn_profile_voip' with class '2' and assign priority 'real time' -> Then applied on egress physical interface ethernet1/1 by selecting the profile 'vpn_profile_voip' in drop down menu of 'tunneled interface' -> Made Qos policy with source any, destination VPN destination subnets, dscp marking 'af41' then assign class '2' My question are, 1- After applying the Qos will it again copy the 'af41' in ESP header, when traffic tunnled through IPSEC VPN? so ISP can also enforce qos based on that dscp code in their network 2- I do not want to apply Qos on clear text traffic going to internet from same egress interface ethernet1/1. So should I apply 'default' qos profile for 'clear text' or should I have to make one new qos profile say 'no-qos' without defining any class (so all clear text traffic will fall under class 4)? 3- For the traffic (marked with 'af41' comes from sites to HQ), how to apply the qos with same requirement of match with 'af41' then set priority 'real time' Where I need to apply Qos profile? @reaper
... View more
05-26-2018
11:36 AM
Hello Apparrently, firewall is using proxy settings (that are configured for dynamic updates) for uploading files to WF500 on port 10443. I want firewall not to use proxy settings for file uploading to WF500. How can I achieve that? Regards
... View more
05-17-2018
05:16 PM
Thanks but do you have any use case in mind why we want to exclude certain subnets either at user-id-agent level or zone level on firewall?
... View more
05-17-2018
01:22 PM
@Remo actually I am asking about both? what is the difference between two and use case of both. Thanks for the help
... View more
05-17-2018
11:33 AM
@BPry thanks but do you have any use case where you are using exclude list on firewall or user-id-agent? I can think of like guest user subnet that are not authenticating through DC so we can exclude that subnet on firewall.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks