Friday, December 29, 2017

PCNSE version 8

Since PANOS  7, we are  awaiting for PANOS v8 certification. Nothing so far has came up on the radar from  PaloAlto for  ver8.x

 https://www.paloaltonetworks.com/services/education/pcnse

I would suggest  checking the PANOS 8  new features


https://www.paloaltonetworks.com/services/education/pcnse







NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o 
        /  \

Friday, December 1, 2017

F5 disconnect issues due to time mismatch

Working with the F5-LTM within a  device cluster ,  a "disconnect" issues are bound to always come up.


One simple reason that's commonly over looked ; "if the devices time value are  far off , they two LTM will show a disconnected stated"


This will keep the two device device-trust from synchronizing since the  device-certificate would be to far spread between the two. NTP and clock-sync is a must within a F5-LTM.



Here's a typical f5-ltm  error for clock . This system is over 2+ years off.




Using the  unix date command ( from within the LTM bash shell )  we will adjust the system clock to the correct time. As soon as the time is corrected,  the  F5-LTM will reconnect and the disconnected status will vanish.
 







Ken Felix







 
 
NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o 
        /  \