Palo Alto

Install SSL certificate on Palo Alto Networks or Cisco ASA Firewalls

Overview Firewalls require SSL certificates in one of the following scenarios: Secure management WebGUI access Provide SSL-based remote VPN Perform peer authentication to establish Site-To-Site VPN tunnels Administrator’s tasks include obtaining a certificate either through public or enterprise Certificate Authority, certificate renewal and ensuring that the private key is safe and backed up. This article …

Install SSL certificate on Palo Alto Networks or Cisco ASA Firewalls Read More »

Site-To-Site VPNs on Palo Alto Networks Firewalls

Palo Alto Networks firewalls provide site-to-site and remote access VPN functionality. This article covers overview and configuration of IPSec site-to-site tunnels which are compatible with equipment from other vendors. IPSec tunnel is established between two gateways over IP network and is transparent to end devices communicating over this tunnel. Transport network (usually Internet) between gateways …

Site-To-Site VPNs on Palo Alto Networks Firewalls Read More »

Packet Flow and Order of Operations in PAN-OS

Order of operations in Palo Alto Networks firewalls consists of 6 stages: Ingress > Session Setup (Slowpath) > Existing Session (Fastpath) > Application Identification > Content Inspection > Egress Forwarding. Understanding how traffic is being processed within the firewall is important for writing security and NAT policies and troubleshooting. The following sections provide information about …

Packet Flow and Order of Operations in PAN-OS Read More »