Reference: https://live.paloaltonetworks.com/t5/Management-Articles/What-does-the-Number-of-Bytes-in-the-Traffic-Log-represent/ta-p/56208 https://live.paloaltonetworks.com/t5/Management-Articles/Not-Applicable-Incomplete-Insufficient-Data-in-the-Application/ta-p/65711 https://live.paloaltonetworks.com/t5/Management-Articles/Not-Applicable-Incomplete-Insufficient-Data-in-the-Application/ta-p/65711 I have a rule that uses icmp/ping/traceroute as application, and the service is Any instead of the correct “application-default”, nmap will show that a lot of ports are opened. I use a telnet to the target … Continue reading
Introduction An organisation has gone through the gap analysis by consultant and engaged your company to do phase 1 implementation based on the treatment plan by consultant. This is a new office by the organisation. The implementation phases are broken … Continue reading
Suppose you want to verify if your packet actually reach the untrust interface of Palo Alto Network firewall, you can let the untrust interface of the firewall to send echo reply by using set network profiles interface-management-profile command. Firewall policy … Continue reading
Suppose your virtual-router profile has to be applied on both layer3 interfaces you can do the following configuration in command line.
Configuring Layer 3 interfaces Command line interface Web interface Click on Network tab then select Interfaces. Define zone for L3 interface Command Line Interface Web Interface Click Network then select Zones, you can create your zone or use the default … Continue reading