GetSecureScore

How to Search System Logs Through PAN-OS CLI

This article is showing how to do quick/handy search for the specific pattern in the system logs, although it is not only limited to this log. Example 1  – (case sensitive)In the first example we are searching for the pattern “Installed” in the backward direction which is optional but be aware that the pattern itself Read More

GetSecureScore

How to Fix “Incomplete Certificate Chains” on Palo Alto Firewalls

Find websites that cause incomplete certificate chain errors. Filter the Decryption log to identify Decryption sessions that failed because of an incomplete certificate chain.In the filter field, type the query (err_index eq Certificate) and (error contains ‘http’). This query filters the logs for Certificate errors that contain the string “http”, which finds all of the error Read More

GetSecureScore

How to Configure a GlobalProtect Gateway

Add a gateway. Add a new gateway (NetworkGlobalProtectGateways). Name the gateway.The gateway name cannot contain spaces and must be unique for each virtual system. As a best practice, include the location or other descriptive information to help users and administrators identify the gateway. (Optional) Select the virtual system Location to which this gateway belongs. Specify the network information that Read More

GetSecureScore

How to Generate a CSR (Certificate Signing Request) & Import the Signed Certificate in Palo Alto

Environment PAN-OS 7.1 and above. Palo Alto Firewall. Resolution PAN-OS includes a feature to create a Certificate Signing Request (CSR). This feature can create a Certificate Signing Request (CSR) for sending to a public third-party Certificate Authority like Verisign, Globalsign, Entrust, and so on… Steps Generate the CSR Go to Device > Certificate Management > Certificates. Read More

GetSecureScore

Configure Active/Passive HA on Palo Alto Firewalls

The following procedure shows how to configure a pair of firewalls in an active/passive deployment as depicted in the following example topology. To configure an active/passive HA pair, first complete the following workflow on the first firewall and then repeat the steps on the second firewall. Connect the HA ports to set up a physical Read More

GetSecureScore

Understand What Difference Between Policy-based vs. Route-mode VPN

From the beginning of mankind, the users have wanted to communicate securely and to protect sensitive information. With modern society where everything is digitized, this need for protection when it comes to computer network communication is fulfilled by Virtual Private Network (VPN). One of the most used protocols to build a VPN is Internet Protocol Read More