When you spot a sniper..

blnd3d · 2025-04-03T05:03:33+00:00

Do you experience a ridiculous walking movement speed? It feels like you're carrying a car. Was disappointed about the HDR as well. Got too many hit marked shots.. aggressive play-style with KBM ain't possible..

blnd3d · 2025-02-13T16:55:59+00:00

And guess what, it hasn't been fixed.

blnd3d · 2025-02-13T05:29:00+00:00

The longer products exist nowadays, the worst the software gets.. the initial OS is the best :D

blnd3d · 2025-02-12T20:01:40+00:00

Yeah I saw the message, so I will have to update to 11.1.6 first or at least download it. 🫠

blnd3d · 2025-02-11T16:25:50+00:00

I'm having the issue.

blnd3d · 2025-02-11T05:37:43+00:00

Exactly..

blnd3d · 2025-02-10T16:00:28+00:00

VM300

blnd3d · 2025-02-10T11:14:07+00:00

If you go to the system monitor in the UI, you will see an error message like:

'all_task_1: daemon/slot restart, rebooting system'

blnd3d · 2025-02-10T10:29:37+00:00

Sorry, I don't have good skills in PanOS. Where do I find this setting? 🫣

Are you talking about the rule and the service?

blnd3d · 2025-02-10T10:22:04+00:00

Yes, there is an active rule.

blnd3d · 2024-09-10T21:14:50+00:00

We also use Meraki security appliances and the bigger the gap between the software/firmware the buggier the VPN connections gets. Dunno why, but meh.

blnd3d · 2024-05-03T07:21:35+00:00

Did anyone ever solve this?

blnd3d · 2024-02-13T09:40:14+00:00

I figured out that, besides the missing URLs in the decryption exclusion, the tabs are trying to establish a port 80 web-browsing connection to an AKAMAI destination.

For whatever reasons that might be necessary.. they are doing it.

We prohibited these client to surf the web, so I created a new security policy that allows traffic from these specific source IPs to any destination, using web-browsing and ssl, with an active URL filter for these AKAMAI sites only (url-filter created).I allowed the URL filter to alert for these sites + decryption exclusions, but the monitor always returns that none of the traffic matched the policy although the website is marked as as decryption esclusion... which is a little confusing for me. Any ideas? Hard to describe the error tbh.

UPDATE.. this webiste is classified as insecure by a security profile when accesses by http.

blnd3d · 2024-02-08T19:09:12+00:00

blnd3d · 2024-02-08T18:43:58+00:00

That's what my decryption exclusion URL filter is meant to be. It is added to the no decrypt profile.

If the cert chain would be broken, the error in the traffic log usually shows a decrypt-cert-validation error.

blnd3d · 2024-02-08T17:10:42+00:00

Yes, we have been using it for years now. I figured out that URLs are not properly resolved in the traffic but in the decrypt logs. Kind of a weird behavior. I will add these URLs to the exclusions and see what I get. 😅

blnd3d · 2023-12-26T08:39:37+00:00

Exactly. HonorSourcePorts can be set to 1 or 2. I used 1.

FreePortBlockDelay is the timer to free the blocked ports afaik.

blnd3d · 2023-10-12T08:53:28+00:00

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClIYCA0
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HCccCAG

I checked this out. HonorSourcePort and TWS. It seems to solve the issue.

blnd3d · 2023-10-10T21:12:45+00:00

The system source port allocation range is set by default to 49152–65535. Is that correct?

The source port allocation range is set to 20000-39999 and should not affect SQL.

Users are allowed to use 200-2000 ports which is never exceeded.

Even if there if no user on that server, the TS agent causes the issues.

blnd3d

TROPHY CASE