Friday, 17 January 2025

Palo Alto and Azure SAML auth

 https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008U48CAE


Generate the cert and make it active

Delete the old cert

Wait a few minutes for the Azure cloud to update

Download the xml

Delete the old certs from the Palo Alto

Import the XML into the Palo Alto; this will create the cert and the SAML IdP profile

Don't tick the validate check box

Select the new IdP profile in your Azure auth profile
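
Added example, not part of the original notes or of any Palo Alto or Azure tooling: a check to run on the downloaded XML before importing it, confirming that it lists the new signing cert and no longer the old one. It assumes the thumbprint you copy from Azure for the active cert is the SHA-1 hex of the certificate; the function names and the sample metadata are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def signing_thumbprints(metadata_xml):
    """SHA-1 thumbprints (uppercase hex) of the IdP signing certs in the metadata."""
    root = ET.fromstring(metadata_xml)  # file from your own tenant, not arbitrary XML
    thumbs = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":
            continue  # encryption-only key, not used to sign assertions
        for cert in kd.findall("ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            thumbs.append(hashlib.sha1(der).hexdigest().upper())
    return thumbs

def check_metadata(metadata_xml, expected_thumbprint):
    """'ok' = only the new cert, 'stale' = old cert still listed, 'missing' = new cert absent."""
    expected = expected_thumbprint.replace(":", "").replace(" ", "").upper()
    thumbs = signing_thumbprints(metadata_xml)
    if expected not in thumbs:
        return "missing"
    return "ok" if set(thumbs) == {expected} else "stale"

def sample_metadata(*blobs):
    """Constructed metadata for the demo; blobs are placeholder bytes, not real certs."""
    keys = "".join(
        '<KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
        + base64.b64encode(blob).decode()
        + "</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>"
        for blob in blobs)
    return ('<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" '
            'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example/">'
            f"<IDPSSODescriptor>{keys}</IDPSSODescriptor></EntityDescriptor>")

if __name__ == "__main__":
    new, old = b"constructed-new-cert", b"constructed-old-cert"
    want = hashlib.sha1(new).hexdigest()
    print(check_metadata(sample_metadata(new), want))       # only the new cert
    print(check_metadata(sample_metadata(old, new), want))  # downloaded too early
    print(check_metadata(sample_metadata(old), want))       # wrong file or cert not active
```

For a real download, pass the file contents to check_metadata together with the thumbprint of the cert you just made active; anything other than "ok" means wait and download the XML again.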

Thursday, 2 January 2025

NAT rules on Palo Alto

Making a note because it's a bit different to Cisco ASA


NAT rule

OUTSIDE > OUTSIDE 

Public src > Public dst


FW rule 

OUTSIDE > INSIDE (counted as inside because of the NAT)

Public src > Public dst