Palo Alto Networks Posts

           Ad – Amazon Networking Products

Palo Alto Networks

Posts

  • Palo Alto Networks Custom ACC Tab
    I discuss the use of a custom ACC tab and provide instructions of importing a custom tab. Also, I have a custom ACC tab available for download.
  • Internet BGP with Arista – Part 2
    Are routers dead? I tested Internet BGP Peering with GNS3 using an Arista switch instead of Cisco. OSPF and iBGP are used with Palo Alto firewalls.
  • Palo Alto Networks CLI Cheat Sheet
    Palo Alto Networks firewalls are known for their GUI for management, the CLI is still used. There are some commands used at the CLI for troubleshooting.
  • IP Geolocation and Why It’s Important (Critical)
    Most Next Generation Firewalls allow security policies to include IP geolocation. But what is IP geolocation? I explain what it is and what can go wrong.
  • How to Disable the GlobalProtect Download Page
    A PAN firewall configured as a GlobalProtect Portal or Gateway will display a page to download the client. This feature has created some downsides.
  • Palo Alto Networks User-ID (Data) Redistribution
    User-ID redistribution with Panorama is a way of sharing this information with multiple devices across the organization’s geographical and cloud infrastructure.
  • Multiple ISP Connectivity & Redundancy Options
    Many businesses have more than one Internet connection for redundancy. For redundancy, Most of the topologies in this post include two firewalls and ISPs.
  • Internet BGP with Arista – BEWARE!
    Are routers dead? I tested Internet BGP Peering with GNS3 using an Arista switch instead of Cisco. OSPF and iBGP are used with Palo Alto firewalls.
  • Palo Alto Networks Rulebase Changes via CLI
    A best practice is to use the Palo Alto Networks External Dynamic Lists (EDL) to block inbound and outbound traffic. Region Codes can be used to block traffic too.
  • Palo Alto Networks (PCNSE) Certification Study Resources
    Here I compiled Palo Alto Networks certification study resources. The focus is on PCNSE, but it can apply to other PAN certifications.
  • Palo Alto Networks Virtual Router for Testing an Additional ISP
    If you need to add an additional ISP to a Palo Alto Networks (PAN) firewall with an existing ISP circuit, place the second in its own Virtual Router (VR).
  • VPN Encryption and Request Form
    VPN encryption options have changed over time. I summarized the current ones and what is recommended. Also, made my VPN Request form available.
  • Palo Alto Networks External Dynamic Lists
    Palo Alto Networks provides two external dynamic lists (EDL) for blocking or allowing traffic. The EDL Hosting Service is beneficial for security policies.
  • Palo Alto Networks NGFW DNS Proxy
    The Palo Alto Networks NGFW supports DNS Proxy. When you configure the firewall as a DNS proxy, it acts as an intermediary between hosts and DNS server(s).
  • New Palo Alto Firewall Web Setup
    Here are my notes for the first-time setup of a Palo Alto Networks hardware firewall using the web interface. Be aware of the default vwires!
  • New Palo Alto Firewall Setup via the CLI
    Here are my notes for the first-time setup of a Palo Alto Networks hardware firewall using the CLI and console port. The mgmt port can be static or DHCP.

Copyright © Packet Passers 2024