top of page

PA Packet Capture & Config Audit

  • Writer: Mukesh Chanderia
    Mukesh Chanderia
  • Jan 16, 2022
  • 1 min read

Updated: Feb 21, 2022

Monitor --> Packet Capture


Step 1: Create a Filter


Click Manage Filter & set source and destination.


ree



Stage — Indicate the point at which to capture packets:


ree

drop — When packet processing encounters an error and the packet is dropped.


firewall — When the packet has a session match or a first packet with a session is successfully created.


receive — When the packet is received on the data plane processor.


transmit — When the packet is transmitted on the data plane processor.


File - Specify the capture file name.


Packet Count — Specify the maximum number of packets, after which capturing stops.


Byte Count — Specify the maximum number of bytes, after which capturing stops.



ree

Now ensure to put Filter "ON" else firewall will take capture on all interface of all traffic.


ree

Now make "ON" packet capture.


ree

Firewall will display this warning but if proper filtering is in place, then there won't be any impact.


Now click on refresh icon above Captured Files.



ree


Config Audit


Select Device > Config Audit to see the differences between configuration files. The page displays the configurations side by side in separate panes and highlights the differences line by line using colors to indicate additions (green), modifications (yellow), & deletions (red)


Let's create two Addresses, one for Inside host and another for DMZ



ree


From bottom drop down menu select two config which you would like to compare and hit "GO".



ree


Configure PA with AD Server


Device --> Server Profile --> LDAP

ree

LDAP or AD Server has to be connected to Authentication Profile.



ree


Capitative Portal


Device --> User Identification



ree

Management profile has to be applied to interfaces in Zone where we would like to enable UserID



ree


Load Sharing: It's always 50%-50%


Load balancing: It's always in ratio say 3:1



Recent Posts

See All
PANORAMA

Hook Firewall & Panorama Step 1: Go to Firewall and add the IP address of Primary and secondary Panorama. Step 2: Go to Panorama and in...

 
 
 

Comentarios


Follow me

© 2021 by Mukesh Chanderia
 

Call

T: 8505812333  

  • Twitter
  • LinkedIn
  • Facebook Clean
©Mukesh Chanderia
bottom of page