the worlds gone mad

we've lost the hope we had

Posted on 26 November 2022   11 min read

Palo Packet Captures

packet captures and debugging

Information on running packet captures and debugging commands to follow traffic flows.

Posted on 8 November 2022   8 min read

Viewing palo statistics

system resources and traffic statistics

Useful commands to see general information on the firewall resources been used, interface and traffic statistics, and traffic counters.

Posted on 5 November 2022   16 min read

Palo traffic flows and sessions

application identification and following traffic flows

Information on how applications are identified by App-ID and following sessions and traffic flows through the firewall using the CLI.

Posted on 26 October 2022   12 min read

Palo commit and rollback

pushing policies and rolling back changes

Palo Alto firewalls use the concept of a running config to hold the devices live configuration and the candidate config is copy of the running config where changes are made. A Commit operation causes the running config to be overwritten by the candidate config activating the changes.

Posted on 12 October 2022   23 min read

Palo Basic Setup

palo alto firewall setup using the cli

A run through using the CLI to set up a Palo firewall at home covering the initial configuration, upgrading, BGP routing and a basic firewall policy.

Posted on 27 July 2021   11 min read

Virtual Tunnel Interface (VTI) VPN

vti ipsec vpn between asa and asr

Over the years I have built numerous IPsec VPNs on ASAs using crypto maps and an ACL for the interesting traffic. For a simple solution to join small sites with no need for routing these work great and keep the complexity down to a minimum. For more complex environments or cloud connectivity you are probably going to need to use VTIs, this post goes through the process of building VTI VPNs between an ASR and ASA.

Posted on 13 August 2019   7 min read

Checkpoint Endpoint Security VPNs

remote access VPN on checkpoints

FEATURED TAGS
ansible checkpoint cisco eve-ng firewall napalm narrowboat nornir palo-alto python routing sd-wan switching vmware vpn
ABOUT ME
about_me_image

old school + new school = no school

UNSOCIAL MEDIA
BOOKMARKS
ARCHIVES
2024 (6)
2023 (2)
2022 (10)
2021 (12)
2020 (2)
2019 (2)
2018 (5)
2017 (11)