image

How to Clear Logs To Increase Disk Space on a Palo Alto Firewall

Symptom The /opt/panlogs disk partition is high > show system disk-space Filesystem Size Used Avail Use% Mounted on /dev/root 7.0G 4.1G 2.6G 62% / none 3.2G 92K 3.2G 1% /dev /dev/sda5 16G 2.4G 13G 16% /opt/pancfg /dev/sda6 8.0G 3.2G 4.4G 43% /opt/panrepo tmpfs 2.2G 1.7G 492M 78% /dev/shm cgroup_root 3.2G 0 3.2G 0% /cgroup /dev/sda8 Read More

image

Save and Export Firewall Configurations – Palo Alto Firewalls

Saving a backup of the candidate configuration to persistent storage on the firewall enables you to later revert to that backup (see Revert Firewall Configuration Changes). This is useful for preserving changes that would otherwise be lost if a system event or administrator action causes the firewall to reboot. After rebooting, PAN-OS automatically reverts to the Read More

image

How to Renew an Expired Certificate – Palo-Alto Firewall

You have the renew option at the bottom of the certificates page : certificate renew optionIn case a certificate expires or is about to expire, select the corresponding certificate and click Renew. Set the validity period (in days) for the certificate and click OK. If the firewall is the CA that issued the certificate, the firewall replaces it Read More

image

Palo Alto URL Filtering Test Pages

Environment Any PAN-OS. Palo Alto Firewall. URL Filtering. Resolution Many of you are wondering, “How do I test to see if our URL Filtering service is enforcing my organization’s policies for malicious and benign URLs properly?”  For benign categories, this is relatively straightforward, you simply visit the website and see if the designed policy is Read More

image

How to Fix “SSL Negotiation With License Manager Server Has Failed” on an Old SonicWALL Device

DESCRIPTION: Older firmware versions are not able to contact to the new HTTPS License server due to an updated certificate on our backend.The new certificate is a 2048 bit certificate and uses a secure Verisign certificate. (new IP 204.212.170.143) RESOLUTION: Resolution A Upgrade at least to the latest General Release (i.e. 6.2.5.3, 6.2.7.1, 5.9.1.7) Resolution B (workaround) in Read More

image

What’s The Difference – VPN IPSEC Tunnel Mode and Transport Mode

IPSec’s protocol objective is to provide security services for IP packets such as encrypting sensitive data, authentication, protection against replay and data confidentiality. As outlined in our IPSec protocol article, Encapsulating Security Payload (ESP) and Authentication Header (AH) is the two IPSec security protocols used to provide these security services.  Analyzing the ESP and AH protocols Read More