Notes on PaloAlto firewall

PA known for integration with AD and TS, allowing rules based on user identity.

AD User-ID agent integration

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClR1CAK
- verify connections to AD id-agent's
```
> show user user-id-agent statistics
> show user ts-agent statistics

#State conn:idle or conn:Get IPs
```

Verify Routing / BGP

> show routing interface
> show routing protocol bgp summary
- "router id:", "Local AS:",
> show routing protocol bgp peer
> show routing protocol bgp loc-rib

Errors / Fix's

Alert high:

Commit on local device with running configuration not synchronized; synchronize manually

Use "Config Audit" under [Device] > "Config Audit"
- Info Pan-OS 9.1

Firewall/PaloAlto (last edited 2020-10-21 21:32:14 by PieterSmit)

Page.execute = 0.001s
getACL = 0.000s
init = 0.001s
load_multi_cfg = 0.000s
run = 0.011s
send_page = 0.009s
send_page_content = 0.002s
total = 0.011s