Saving a backup of the candidate configuration to persistent storage on the firewall enables you to later revert to that backup (see Revert Firewall Configuration Changes). This is useful for preserving changes that would otherwise be lost if a system event or administrator action causes the firewall to reboot. After rebooting, PAN-OS automatically reverts to the Read More
Category: Firewalls
How to Renew an Expired Certificate – Palo-Alto Firewall
You have the renew option at the bottom of the certificates page : certificate renew optionIn case a certificate expires or is about to expire, select the corresponding certificate and click Renew. Set the validity period (in days) for the certificate and click OK. If the firewall is the CA that issued the certificate, the firewall replaces it Read More
Palo Alto URL Filtering Test Pages
Environment Any PAN-OS. Palo Alto Firewall. URL Filtering. Resolution Many of you are wondering, “How do I test to see if our URL Filtering service is enforcing my organization’s policies for malicious and benign URLs properly?” For benign categories, this is relatively straightforward, you simply visit the website and see if the designed policy is Read More
How to Fix “SSL Negotiation With License Manager Server Has Failed” on an Old SonicWALL Device
DESCRIPTION: Older firmware versions are not able to contact to the new HTTPS License server due to an updated certificate on our backend.The new certificate is a 2048 bit certificate and uses a secure Verisign certificate. (new IP 204.212.170.143) RESOLUTION: Resolution A Upgrade at least to the latest General Release (i.e. 6.2.5.3, 6.2.7.1, 5.9.1.7) Resolution B (workaround) in Read More
What’s The Difference – VPN IPSEC Tunnel Mode and Transport Mode
IPSec’s protocol objective is to provide security services for IP packets such as encrypting sensitive data, authentication, protection against replay and data confidentiality. As outlined in our IPSec protocol article, Encapsulating Security Payload (ESP) and Authentication Header (AH) is the two IPSec security protocols used to provide these security services. Analyzing the ESP and AH protocols Read More
Create A DHCP Lease Scope Dedicated For SonicWALL GVC Clients.
DESCRIPTION: This article describes how to create a DHCP dynamic lease scope without binding it to any interface of the SonicWall UTM appliance. Such a lease scope can have an IP address range not configured on any interface of the SonicWall. This would be helpful in environments where the administrator requires GVC users to have Read More