⇤ ← Revision 1 as of 2020-10-19 01:07:00
613
Comment:
|
← Revision 2 as of 2020-10-21 21:32:14 ⇥
989
|
Deletions are marked like this. | Additions are marked like this. |
Line 19: | Line 19: |
== Errors / Fix's == * Alert high: {{{ Commit on local device with running configuration not synchronized; synchronize manually }}} * Use "Config Audit" under [Device] > "Config Audit" * Info [[https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/high-availability/reference-ha-synchronization/what-settings-dont-sync-in-activepassive-ha|Pan-OS 9.1]] |
Notes on PaloAlto firewall
- PA known for integration with AD and TS, allowing rules based on user identity.
AD User-ID agent integration
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClR1CAK
verify connections to AD id-agent's
> show user user-id-agent statistics > show user ts-agent statistics #State conn:idle or conn:Get IPs
Verify Routing / BGP
> show routing interface
> show routing protocol bgp summary
- "router id:", "Local AS:",
> show routing protocol bgp peer
> show routing protocol bgp loc-rib
Errors / Fix's
Alert high:
Commit on local device with running configuration not synchronized; synchronize manually
Use "Config Audit" under [Device] > "Config Audit"
Info Pan-OS 9.1