palo alto vm-100 configuration lab
TRANSCRIPT
![Page 1: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/1.jpg)
Palo Alto VM-100 Configuration LabVMware and Linux based
![Page 2: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/2.jpg)
Network topology diagram
![Page 3: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/3.jpg)
Lab configurations
● Initial setup● Configurations of zones, management profiles and interfaces● Configuration services (DHCP and NAT)● Policies and App ID configuration● Content ID configuration● Outbound SSL Decryption● Site-to-site IPSec VPN● Monitoring the system with OMD - Open Monitoring Distribution
![Page 4: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/4.jpg)
Terminal server management console login details
You can use web-based ssh client or any other (PuTTy, SecureCRT) Login details are:hostname: ts.4pu.comusername: testpassword: TestmylaB123 (case sensitive)
![Page 5: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/5.jpg)
Terminal server management console login
![Page 6: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/6.jpg)
TeamViewer management console login details
Please use my free account below● TeamViewer Login● email: [email protected]● password: testmylab123
You can verify my configuration or modify and test your own.
![Page 7: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/7.jpg)
TeamViewer management console
![Page 8: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/8.jpg)
TeamViewer management console
![Page 9: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/9.jpg)
TeamViewer management console
![Page 10: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/10.jpg)
TeamViewer management console
![Page 11: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/11.jpg)
TeamViewer management console
![Page 12: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/12.jpg)
TeamViewer management console
![Page 13: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/13.jpg)
TeamViewer management console
![Page 14: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/14.jpg)
TeamViewer management console
![Page 15: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/15.jpg)
Hosts configurationPalo Alto (PA-VM100) configuration
● GUI login: username = admin, password = admin● mgmt ip address 192.168.0.203/24 default gateway 192.168.0.1● eth1/1 ip address 2.2.2.1/24 security zone INTERNET● eth1/2 ip address 20.20.1.1/24 security zone DC-FTP-SERVER● eth1/3 ip address 30.30.1.1./24 security zone INSIDE USERS● eth1/4 ipaddress 40.40.1.1/24 security zone DMZ-WEB-SERER
TEST-HOST configuration (Linux Xubuntu)
● eth0 ip address 192.168.0.55/24 default gateway 192.168.0.1● eth2 ip address 10.10.128.2/24 default gateway 10.10.128.1
Data Center Server (SliTaz GNU/Linux)
● eth0 ip address 20.20.1.2/24 default gateway 20.20.1.1
INSIDE USER (Linux Lununtu)
● eth1 ip address 30.30.1.2/24 default gateway 30.30.1.1
DMZ SERVER (SliTaz GNU/Linux)
● eth0 ip address 40.40.1.2/24 default gateway 40.40.1.1
![Page 16: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/16.jpg)
Initial device setup/access
![Page 17: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/17.jpg)
Initial device setup/access
![Page 18: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/18.jpg)
Initial device setup/access
![Page 19: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/19.jpg)
Zones configuration
![Page 20: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/20.jpg)
Management profiles configuration
![Page 21: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/21.jpg)
Interfaces ip address configuration
![Page 22: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/22.jpg)
DHCP configuration
![Page 23: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/23.jpg)
DHCP offer Wireshark capture
![Page 24: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/24.jpg)
General overview of concepts
![Page 25: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/25.jpg)
General overview of concepts
![Page 26: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/26.jpg)
Policies and App ID configuration
![Page 27: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/27.jpg)
Policies and App ID verification
![Page 28: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/28.jpg)
Content ID configuration
![Page 29: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/29.jpg)
Content ID configuration
![Page 30: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/30.jpg)
Content ID verification
![Page 31: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/31.jpg)
Outbound SSL Decryption configuration
![Page 32: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/32.jpg)
Outbound SSL Decryption configuration
![Page 33: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/33.jpg)
Outbound SSL Decryption configuration
![Page 34: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/34.jpg)
Outbound SSL Decryption configuration
![Page 35: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/35.jpg)
Outbound SSL Decryption configuration
![Page 36: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/36.jpg)
Site-to-Site IPSec VPN configuration
![Page 37: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/37.jpg)
Site-to-Site IPSec VPN configuration
![Page 38: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/38.jpg)
Site-to-Site IPSec VPN configuration
![Page 39: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/39.jpg)
Site-to-Site IPSec VPN configuration
![Page 40: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/40.jpg)
Site-to-Site IPSec VPN configuration
![Page 41: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/41.jpg)
Site-to-Site IPSec VPN configuration
![Page 42: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/42.jpg)
Monitoring system login details:http://omd.4pu.com/nms/check_mk username: guest password: guest123
![Page 43: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/43.jpg)
Monitoring the system
![Page 44: Palo Alto VM-100 Configuration Lab](https://reader034.vdocuments.us/reader034/viewer/2022050712/5aab65bc7f8b9a52318b476d/html5/thumbnails/44.jpg)
Monitoring the system