palo alto vm-100 configuration lab
TRANSCRIPT
Palo Alto VM-100 Configuration LabVMware and Linux based
Network topology diagram
Lab configurations
● Initial setup● Configurations of zones, management profiles and interfaces● Configuration services (DHCP and NAT)● Policies and App ID configuration● Content ID configuration● Outbound SSL Decryption● Site-to-site IPSec VPN● Monitoring the system with OMD - Open Monitoring Distribution
Terminal server management console login details
You can use web-based ssh client or any other (PuTTy, SecureCRT) Login details are:hostname: ts.4pu.comusername: testpassword: TestmylaB123 (case sensitive)
Terminal server management console login
TeamViewer management console login details
Please use my free account below● TeamViewer Login● email: [email protected]● password: testmylab123
You can verify my configuration or modify and test your own.
TeamViewer management console
TeamViewer management console
TeamViewer management console
TeamViewer management console
TeamViewer management console
TeamViewer management console
TeamViewer management console
TeamViewer management console
Hosts configurationPalo Alto (PA-VM100) configuration
● GUI login: username = admin, password = admin● mgmt ip address 192.168.0.203/24 default gateway 192.168.0.1● eth1/1 ip address 2.2.2.1/24 security zone INTERNET● eth1/2 ip address 20.20.1.1/24 security zone DC-FTP-SERVER● eth1/3 ip address 30.30.1.1./24 security zone INSIDE USERS● eth1/4 ipaddress 40.40.1.1/24 security zone DMZ-WEB-SERER
TEST-HOST configuration (Linux Xubuntu)
● eth0 ip address 192.168.0.55/24 default gateway 192.168.0.1● eth2 ip address 10.10.128.2/24 default gateway 10.10.128.1
Data Center Server (SliTaz GNU/Linux)
● eth0 ip address 20.20.1.2/24 default gateway 20.20.1.1
INSIDE USER (Linux Lununtu)
● eth1 ip address 30.30.1.2/24 default gateway 30.30.1.1
DMZ SERVER (SliTaz GNU/Linux)
● eth0 ip address 40.40.1.2/24 default gateway 40.40.1.1
Initial device setup/access
Initial device setup/access
Initial device setup/access
Zones configuration
Management profiles configuration
Interfaces ip address configuration
DHCP configuration
DHCP offer Wireshark capture
General overview of concepts
General overview of concepts
Policies and App ID configuration
Policies and App ID verification
Content ID configuration
Content ID configuration
Content ID verification
Outbound SSL Decryption configuration
Outbound SSL Decryption configuration
Outbound SSL Decryption configuration
Outbound SSL Decryption configuration
Outbound SSL Decryption configuration
Site-to-Site IPSec VPN configuration
Site-to-Site IPSec VPN configuration
Site-to-Site IPSec VPN configuration
Site-to-Site IPSec VPN configuration
Site-to-Site IPSec VPN configuration
Site-to-Site IPSec VPN configuration
Monitoring system login details:http://omd.4pu.com/nms/check_mk username: guest password: guest123
Monitoring the system
Monitoring the system