Palo Alto Networks firewall
5/17/2023

On the Palo Alto I don't seem to have the same functionality. The users really liked this because it's obvious and easy for them to use. This was very easy to do on Cisco ASA/AnyConnect as I could simply create a profile for each and the users selected their profile from a drop-down list on initial connect. I have a situation where I want one team to authenticate via Duo MFA (RADIUS) and another team to authenticate via Azure MFA (SAML) when connecting to.

Syslog server: RHEL 8.7 using rsyslog version 8.8

Do I need to configure a certificate profile or OCSP responder on the PA to get TLS syslog working? I have also used different variations on the PA syslog server profile such as TCP/514 and BSD log format. The syslog server is using TCP/514 and the PA FW syslog server profile is configured for transport SSL/514 and log format IETF as outlined here: On the PA side I get a "certificate verification failure error". The PA log settings and server profiles are created and I can see the traffic being sent to the syslog server but I have a GnuTLS handshake error on the syslog server side. I also imported the IdM CA certificate into the PA and listed it as a Trusted Root CA. I can import the public/private key without issue and assign it as a certificate for Secure syslog in the firewall. I modified the private key to have a passphrase (openssl rsa -aes256 -in fw.key -out fwp.key). key certificate from an external CA (IdM). I have not been able to get TLS syslog forwarding to work and am looking for recommendations.