Jump to content

Kreator777

Members
  • Content Count

    0
  • Joined

  • Last visited

Community Reputation

308 Excellent

About Kreator777

  • Rank
    Newbie

Recent Profile Visitors

61 profile views
  1. absolutely no BW limits. It's not Cisco )) on 3050 ports are 1Gbit and using NAT I achieved on tests 900+ Mbit/s speeds. And it has even more FW power according to the specs (4Gbit/s) if you use more than one link. Don't recall about Global protect client (read - VPN) but saw one guy transferred around 35MB/s (specs says about 500Mbit/s~~60MB/s max) which is absolutely fine for me. PS. All tests were made after factory reset (consider no licenses entered)
  2. I'd say that if I'd be in your situation and would have an option to try and learn Palo Alto FW I would not hesitate to do it even for a minute. You can do all routing/firewalling there and moreover you'll have hands-on experience of really cool NGFW features of best FW vendor. They really worth it
  3. Firewall - no issues w/o licenses/support VPN - GlobalProtect can be used. Be aware it doesn't allow to connect mobile clients and for some reason known only to PA - linux as well (that will require lic). But there's an option to use L2TP - it works for linux and should for mobile clients as well but I didn't have it tested though. router - no issues. As to additional protection you will be able to use DDoS for free as well. BTW, I also had my self migrated from ASAs completely to the Palo Alto as I consider them best firewalls at present moment. If you'll setup PA for a first time I'd recommend just buying course from Udemy and go over topics. Interfaces / SNAT / DNAT / Policies setup is not a problem and is clear more or less, but for Global Protect VPN I'd definitely use a learning video since it is quite not strait forward,
  4. Good HW device. Mostly of items sold w/o any creds so you'll have to factory reset them and no licenses will be inside. Most precious feature as for me - application recognition will still work and in general, those PA-3000 series are really good. High Availability is working w/o any additional licensing as well (just need same PanOS). Also one curious thing - 3020 has more noisy cooling system (I'd say 1.2-1.5x times more noise than 3050). 3060 is also cool device having 10Gbit ports, but of 1.5RU size. The only question before buying I would say - a PanOS version, since if you got it with old OS you'll have to do all upgrades then and between some major versions it will require also additional CLI steps and downloading application recognition files as well. Latest PanOS available is 9.1 (thank to fellows here in this thread I came to know that for PA-3000 series PanOS 10 won't be available so you should also consider this fact if that matters). Let me know if you have any questions.
  5. Ah, sad to know.. I have 3060 with 10Gbit ports and assume they will work on and on all right, will stick to 9.x also if you'd have a chance to share 9.1.4 would be much appreciated thank you
  6. PanOS_800-10.0.0 PanOS_220-10.0.0 fresh and raw [Hidden Content]
  7. It is quite old so I don't know if you will have such chance to find all those, but another way is to upload dump to the SSD drive of any already updated device. i can confirm this is working but you need to be familiar with the way how to do that.
  8. Fresh PA-850 / 820 = PanOS_800-9.1.3-h1 [Hidden Content] If anyone can share same 9.1.3-h1 version for PA-3020 ( PanOS_3000 ) would be appreciated
  9. Yep, same for me. Seems it's limitation by [Hidden Content] of "f.1" section. Sent PM over reddit. Thanks
  10. Saw about 3020's, do you have 9.1 to share by the chance? Thanks.
  11. Hey guys, have some latest PanOS for PA-220 to share: PanOS_220-9.1.2-h1 PanOS_220-9.0.8 PanOS_220-8.1.14-h2 Also can share other version for PA-220, PM me if needed. [Hidden Content] Also if anyone can share any PanOS_3000 of 8.1.9 and above, would be much appreciated to have it shared. Thanks!
×
×
  • Create New...