How to route traffic between multiple logical routers aka Inter-LR Routing on a Palo Alto Networks Strata firewall? More precisely, inclusive route redistribution rather than a few static routes. –> Via iBGP through loopback interfaces. Let’s go: Setup Notes The advanced routing engine… Source link…
With PAN-OS 10.2, Palo Alto Networks has introduced the “Advanced Routing Engine” (ARE) with its “Logical Routers” (LR) rather than the legacy “Virtual Routers” (VR). The Advanced Routing Engine simplifies operations with a standards-based configuration, which reduces your learning curve since… Source link Author: legendary…
I was faced with an interesting customer requirement: An existing guest Wi-Fi should be prefaced with a welcome page for accepting the terms and conditions. Since there was already a Palo Alto Networks firewall in place, could we perhaps use its captive portal directly for…
With PAN-OS 9.0 (quite some time ago), Palo Alto Networks has added Dynamic DNS for a firewall’s interfaces. That is: If your Internet-facing WAN interface gets a dynamic IP address via DHCP or PPPoE (rather than statically configured), the firewall updates this IP address to…
Email is still the most common communication protocol on the Internet. And since I was missing some variants of the related protocols, IMAP, POP3, and SMTP in the Ultimate PCAP, I did some captures. Here are a few details. While there were already basic IMAP…
Als Consultant im Homeoffice mache ich vor allem eins: Telefonieren und an Videokonferenzen teilnehmen, neudeutsch: Calls. Und es nervt mich total, wenn mein Gegenüber einen schlechten Ton hat. Also akutisch. Das verbaute Mikrofon im Notebook oder irgendwelche Raummikros gehen gar nicht…. Source link Author: legendary…
Wow, that was unexpected: With PAN-OS 11.1 the out-of-band management interface of Palo Alto Networks firewalls doesn’t accept an IPv6 default route pointing to one of its own data interfaces anymore. That is: In most setups, you can’t use IPv6 for management purposes anymore. “Works…
It happens occasionally that a customer has to choose between a Palo and a Forti. While I would always favour the Palo for good reasons, I can understand that the Forti is chosen for cost savings, for example. Fortunately, there is a hidden way of…
