Troubleshooting Palo Alto Firewall – PANOS 10

• Lectures: 24
• Students: 78

Troubleshooting Palo Alto Firewall – PANOS 10

Designed to reflect real life challenges

The Palo Alto Networks Firewall Troubleshooting course will help you to:

Understand the underlying architecture of the Next-Generation Firewall and what happens to a packet when it is being processed Investigate networking issues using firewall tools including the CLI Follow proven troubleshooting methodologies specific to individual features analyze advanced logs to resolve various real-life scenarios Solve advanced, scenario-based challenges

Prerequisites:

The “Firewall Configuration and Management” course or equivalent practical experience working with the Palo Alto Networks Next-Generation Firewall is a prerequisite to taking this Palo Alto firewall Troubleshooting course

Topics :

Module 1 : Tools and Resources   [ 1hr 14 mins ]

• How to perform a factory reset on a Palo Alto Networks device
• How to Retrieve Firewall Configuration in Maintenance Mode
• How to Reset the Administrator Password
• How to SSH into Maintenance Mode
• How to Reinstall or Revert PAN-OS from Maintenance Mode
• Restarting Management Server Process – CLI
• How to Generate and Upload a Tech Support File
• CLI to generate and export Tech Support File
• How to Restart the Web-related Processes
• Online resources – Live Community, KB

Module 2 : Command Line Interface  [ 1hr 38 mins ]

• Operational vs Configuration Mode
• Displaying and navigating command output
• General system health commands
• System and Resource Monitor Commands
• Dropped packet troubleshooting Commands
• Routing Debug Commands
• Test Security Policy match command
• Viewing and Deleting Logs from CLI
• IPsec Tunnel Troubleshooting Commands
• Using the CLI as a troubleshooting tool
• Import, Load, and Commit a Configuration File
• How to Troubleshoot Using Counters via the CLI
• TCPDUMP and Debug Data plane commands
• How to Create a Management Profile using the CLI
• CLI commands to show enable and disable application cache

Module 3 : Flow Logic [ 1hr 48 mins ]

• Packet Flow Sequence in PAN-OS
• Packets in slow path, fast path and offloaded
• Debugging packet flow
• Open packet-diagnostics file
• Identify dropped packets and the session end
• Session states and types
• Session Tracker Feature

Module 4 : Packet Captures [ 49 mins ]

• Packet Capture Concepts
• Packet Capture Stages
• Manage Filters
• Session offloading during packet capture
• Configuring Packet Captures – CLI and WebUI

Module 5 : Packet Diagnostics Logs [ 10mins ]

• Examine firewall Traffic logs and Threat logs
• Configure the packet filter
• Check global counters
• Configure and run packet capture and flow basic
• Interpret the flow-basic log and pcaps

Module 6 : Transit Traffic  [ 2hr 22 mins ]

• Troubleshoot Transit Traffic
• Session table and traffic logs
• Security policy to block Tor Application
• Not-Applicable, Incomplete, Insufficient Data in the Application Field
• Why does some traffic report as aged-out in traffic log
• Packets are Dropped Due to TCP Reassembly
• SYN-ACK Issues with Asymmetric Routing
• Tips & Tricks – Session Timeouts
• Troubleshooting slowness with traffic, Management
• Troubleshooting decreased throughput for SMB protocol
• Block risky URL categories
• Deny unknown applications
• Turn on SSL decryption
• Block untrusted and expired certificates

Module 7 : IPSEC VPN Troubleshooting [ 1hr 31 mins ]

• VPN Concept & Configuration
• Troubleshooting IPSec VPN Connectivity issues
• Troubleshooting IKE Phase 1
• Troubleshooting IKE Phase 2
• Interpret VPN Error Messages
• Check Routing and security Policy rules
• Proxy IDs – Route and policy Based VPNs
• IPSec Tunnel is up but packet is getting dropped
• Dead Peer Detection and Tunnel Monitoring
• IPSec with overlapping Networks
• How to enable debug on a single VPN Peer

Module 8 : System Services  [ 41 mins ]

• Identifying performance issues
• System Services Daemons
• Check running services
• Restart a service
• Gathering more data

Module 9 : Certificate Management and SSL Decryption Troubleshooting [1hr 44 mins]

• Troubleshoot and monitor Decryption
• Decryption Failure reasons
• Troubleshoot Pinned Certificates
• Troubleshooting SSL Certificates
• Unsupported and Failure Checks
• Remediating unsupported cipher suits
• Forward trust and Forward untrust Certificate
• Decryption Logging

Module 10 : User ID [ 54 mins ]

• System log, verify and fix user mapping issue
• Verify LDAP connectivity
• Fix the LDAP Server Profile
• Troubleshooting User-ID Cache timeout
• Useful CLI Commands to troubleshoot LDAP Connection

Module 11 : Global protect  [ 54 mins ]

• Troubleshooting Global Protect
• Tools and utilities used for troubleshooting on client Machines
• Tools used for troubleshooting on the Firewall
• Global Protect unable to Connect to portal or gateway
• Global Protect agent connected but unable to access resources
• Useful Global protect gateway CLI Commands
• Server Certificate is invalid Error Message Troubleshooting

Module 12 : Escalation and RMAs [ 7 mins ]