Showing posts with label firewalling. Show all posts

Tuesday, 28 January 2025

geoblock on palo alto

The FW needs to see the IP before geoblock can be applied 


Under Monitor > Logs > GlobalProtect

( stage eq 'login' ) and ( status eq 'success' )


Also

Network > Gateways, click on the "Remote Users" link on the right


There is also the option to create the NAT for the GP IP only for the allowed geolocations


Have a general security rule with geoblock to/from any, action deny

Have a security rule to allow access to the GP IP only from the approved countries

Set the countries up in the GP config (portal / gateway)

Configure the geoblock on any 2FA you might be using as well, as another line of defence

Enable the Palo EDL blocks and dynamic threats etc., strict IPS
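
To check that the geoblock is holding, the successful-login filter above can be applied to an exported GlobalProtect log and compared with the approved country list. This is an added example, not from the original post; the column names, the approved-country set and the sample rows are constructed assumptions.

```python
import csv
import io

# Assumption: countries approved for GlobalProtect access (same list as the allow rule).
APPROVED_REGIONS = {"GB", "IE"}

# Constructed sample export; column names are assumptions, not a real firewall's headers.
SAMPLE_EXPORT = """time,stage,status,source_user,public_ip,source_region
2025-01-28 08:01:12,login,success,alice,198.51.100.10,GB
2025-01-28 08:03:40,login,failure,bob,203.0.113.7,RU
2025-01-28 08:05:02,login,success,carol,203.0.113.99,BR
2025-01-28 08:06:30,logout,success,alice,198.51.100.10,GB
2025-01-28 08:09:55,login,success,dave,,
2025-01-28 08:11:03,LOGIN,Success,erin,192.0.2.44,ie
"""


def audit_logins(export_text, approved=APPROVED_REGIONS):
    """Return successful logins whose source region is missing or not approved."""
    approved = {r.upper() for r in approved}
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        # Same condition as the log filter: stage eq 'login' and status eq 'success'.
        if row["stage"].strip().lower() != "login":
            continue
        if row["status"].strip().lower() != "success":
            continue
        region = (row.get("source_region") or "").strip().upper()
        if not region:
            # The firewall could not map the address, so the geoblock could not match it.
            reason = "no region resolved"
        elif region not in approved:
            reason = "region not approved"
        else:
            continue
        findings.append({"user": row["source_user"], "ip": row["public_ip"],
                         "region": region or None, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in audit_logins(SAMPLE_EXPORT):
        print(f"{f['user']:8} {f['ip'] or '-':16} {f['region'] or '-':4} {f['reason']}")
```

Any row this returns is a login that got past the allow rule, the GP country setting or the 2FA geoblock, so it points at which layer to recheck.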

Friday, 17 February 2023

packet capture on cisco ASA firewall with trace

Good capture option here for ASA

You can do a show trace on it and it goes through it like a packet tracer

capture capout2 type raw-data trace detail interface OUTSIDE include-decrypted match ip host 192.168.10.50 host 8.8.4.4

show capture capout2 trace detail packet-number 1