You might run into the following issue when you try to retrieve Palo Alto Panorama VM licenses from Palo Alto licenses server. The reason behind that error is the missing of the serial number of the appliance that is trying to retrieve its licenses from the licenses server. Panorama VM does not come with any serial number associated, hence it…
Recently I had ran into some issues when I was trying to update Wireshark on some workstations and servers. Specifically, the Npcap was failing during its version upgrade, and was returning an error stating that it failed to create the npcap service as shown above. Here is how to fix this annoying issue. Step 1: Go to Local Group Policy…
In this post I will share with you how to fix AnyConnect Management Tunnel Disconnected (connect failed) error, but before jumping in here is a quick heads up on what AnyConnect Management Tunnel is. AnyConnect Management Tunnel is a very cool feature that allows us to do some maintenance works on the remote endpoints without asking the users any interaction.…
This post will cover one interesting root cause of getting AnyConnect Certificate Validation Failure. I was working on setting up a Cisco AnyConnect Management Tunnel, which I will cover in another post, and for some reason when I was trying to establish AnyConnect SSL VPN from a Windows client, it was just failing dropping the message Certificate Validation Failure on…
This post covers a potential issue that might cause a Palo Alto VPN tunnel to be up but with no traffic flowing between the encryption domains. Here is the scenario I came across with a site to site VPN tunnel between a Palo Alto and a Cisco ASA behind a NAT device. Basically, the VPN tunnel was configured with no…
This post will cover how to configure Palo Alto site-to-site VPN with Cisco ASA. However, the post will not cover any of the ASA configuration parts, but please check out Cisco documentation on this link if required. Configuring a site to site VPN tunnel on Palo Alto firewalls is not difficult, but it could be a little bit challenging for…
When it comes to security, the word blacklist is always tied to something bad. However, this is not the case when we deal with health policies in Cisco FMC. FMC offers a nice feature called health monitor blacklist. This feature allows us to suppress the health alerts related to one or more FTD appliances. Not only, the health monitor blacklist…
In this post I will show you how to promote ISE secondary PAN to be the primary. The process is pretty easy, the only thing is that there would not be a way to do this from the primary PAN. So, to promote the secondary PAN to be the primary we need to log into the secondary PAN, and promote…
In this post I will show you how easy is to use Active Directory OUs in Cisco ISE authorization rules. Although it is not very common, but there are still a lot of companies around that are using the Active Directory OUs to segregate the users in Active Directory rather than using the groups. In our lab we have an…
In this post I am going to show you how to shutdown Cisco FMC. I know it might seem basic, but some of us might not came across this task before. That would be the case if you are not a 100% focus on the FMC on a day to day activities. Anyway, there are three ways to shutdown Cisco…
