-
Palo Alto User-ID Configuration for local Active Directory
Start by configuring DNS on the Palo to point to the AD servers or applicable DNS Proxy Object: Go to Device -> Management -> Setup -> Services References:
-
Setting up GlobalProtect Multifactor Authentication
Assuming that you have already followed Palo Alto’s instructions to set up the Global Protect portal and gateway, configuring MFA is pretty straightforward. First and foremost, you need an Identity Provider that stores [and verifies] user identity and an MFA solution such as Okta, Duo, Evo Security, Jumpcloud, RSA SecurID,…
-
Troubleshooting LACP incompatibility
The other day I was working remotely directing an on-site technician with the install of two 24 port Ruckus ICX Fastiron switches in a secondary building that would replace some aging Adtrans. It would use a fiber LACP-lag to the primary building hosting the main data room and core Cisco…
-
-
Freeradius Vendor Specific Attributes
This blog post is still being edited… By default, when Radius encounters a successful authentication, it will send back an access accept message to the radius client that initiated the request. This access accept is interpreted (by most devices) as full-authorization, since there are no other options that determine the…
Recent Posts
- September 2024 (10)
- August 2024 (2)
- Active Directory (2)
- Certificates (2)
- Firewall (2)
- Powershell (1)
- Radius (3)
- Routing and Switching (1)
- Uncategorized (3)
The Packet Blog 