Install SSL certificate on Palo Alto Networks or Cisco ASA Firewalls
Jun 2, 2019
Overview Firewalls require SSL certificates in one of the following scenarios: Secure management WebGUI access Provide SSL-based remote VPN Perform peer authentication to establish Site-To-Site VPN tunnels Administrator’s tasks include obtaining a certificate either through public or enterprise Certificate Authority, certificate renewal and ensuring that the private key is safe and backed up. This article …
Read MoreSite-To-Site VPNs on Palo Alto Networks Firewalls
Apr 5, 2019
Palo Alto Networks firewalls provide site-to-site and remote access VPN functionality. This article covers overview and configuration of IPSec site-to-site tunnels which are compatible with equipment from other vendors. IPSec tunnel is established between two gateways over IP network and is transparent to end devices communicating over this tunnel. Transport network (usually Internet) between gateways …
Read MorePacket Flow And Order Of Operations in Pan OS
Mar 15, 2019
Order of operations in Palo Alto Networks firewalls consists of 6 stages: Ingress > Session Setup (Slowpath) > Existing Session (Fastpath) > Application Identification > Content Inspection > Egress Forwarding. Understanding how traffic is being processed within the firewall is important for writing security and NAT policies and troubleshooting. The following sections provide information about ...
Read MorePalo Alto Firewalls Configuration Management
Mar 10, 2019
Candidate and Running Config Palo Alto Firewalls are using commit-based configuration system, where the changes are not applied in the real-time as they are done via WebGUI or CLI. To apply the changes, an administrator needs either to enter commit command in CLI or to press Commit button in WebGUI. Configuration file is stored in ...
Read More