Site to Site VPN behind router (ADSL)

In most cases, a branch (remote) office uses a static outside IP address to connects to a main office and we covered that in a previous post.

We configured a site-to-site IPsec VPN between two Cisco ASA firewalls with static IP address on both end, and also we covered site-to-site VPN with Dynamic IP on one end.

What if one of the remote ASA firewall at branch office is behind provider router (ADSL) and have a dynamic public IP from the ISP?

In this post I will take you through the steps to configure a PPPoE, IPsec/GRE VPN tunnel behind provider router (ADSL) with dynamic IP in the remote office.

more …

 

Cisco Site to Site VPN (Dynamic to Static)

In most cases, a branch office uses a static outside IP address to connects to a main office by configuring a site-to-site IPsec VPN between two Cisco ASA firewalls with static IP address on both end, But what if one of the remote ASA firewalls has a dynamic IP address?

more …

Cisco PIX/ASA Site-to-Site IPsec VPN Configuration

The Site-to-Site IPsec VPNs were used to connect two distant LANs together over the Internet. Private addresses were used on the LAN that means without tunneling the two LANs would be unable to communicate with each other.

more …

How to Log Windows Firewall Activity

Firewall Logging is Useful to verify if newly added firewall rules are working or not, to identify malicious activity,  and to determine if the firewall is dropping packet which causes application  failures.

By default, the Firewall log is disabled.

more …

Palo Alto Layer 3 deployment

Layer 3 is the classical deployment method for the PA firewall, and it is always considered the standard and most powerful deployment method because it has all of the functionalities, while other deployment methods have some limitations (example of the other deployment methods are virtual wire, layer 2, etc …)

In this tutorial, I will explain Layer 3 Interfaces deployment.

more …

The Concept of PaloAlto configuration management – P1

The concept of configuration management

PA configuration management has powerful functions to manage configuration, but at the same time it can be very confusing if you are used to other firewalls vendors. So, let me explain the concept of configuration management, and how to set it up in the right way in order to be effective to make a full use of it.

I would like to share my experience with you. Let’s start with configuration management; on a Palo Alto firewall, there is a dedicated Management plane and Data plane.

more … concept of Palo Alto configuration management

Forefront Threat Management Gateway

Forefront Threat Management Gateway (TMG) 2010 is an integrated edge security gateway from Microsoft. It is a Common Criteria certified (EAL4+) enterprise-class application-layer firewall that includes support for proxy services (forward and reverse proxy), content caching, and VPN (both site-to-site and remote access). Forefront TMG is licensed per processor; no client access licenses are required. It can be deployed in all of these roles, or any subset of them.

Virtual Router

Steps for creating Virtual Router and assign interfaces to the router.

more ..

Palo Alto as a Virtual machine

Palo Alto as a Virtual machine

In order to get hands on experience with Palo Alto Firewall, I will walk you through the steps for install and configure PA as a Virtual machine “PA as VM” on your workstation and build your own lab.

In my next post; we’re going to work on scenarios to configure PA

more…