≡ Menu
AWS Transit Gateway Route Table

Apart from the default route table that gets created when you create a transit gateway, you can also create additional route tables. This helps you to associate a specific attachment with a specific route table. The attachments can propagate their routes to one or more route tables. You can also add static routes to the route tables.

To view whether your transit gateway has a default route table associate with it, use the following command.

(more…)

10 Examples to Manage PaloAlto Firewall Users from PAN-OS CLI

This tutorial explains how to manage PaloAlto users from CLI.

You’ll learn about user and role related functionalities including how to create a new user, assign a role to an user, make regular user as an admin user, list all existing users, delete an user, etc.,

(more…)

24 Examples to Manage AWS Transit Gateway and Attachments from CLI

AWS Transit gateway acts as a hub to connect multiple VPC and on-prem networks. Apart from attaching a VPC to transit hub and routing traffic, you can also attach a VPN connection or Direct Connect gateway to your transit gateway. You can also peer two transit gateways and route traffic between them.

In a multi-account environment, you can create Transit gateway in a central network account and share them with external accounts or with accounts within your organization.

(more…)

PaloAlto releases software updates on an on-going basis. It’s essential that you stay current with the latest stable release of firewall.

On a high-level the following are 5 easy steps to upgrade PaloAlto firewall:

  1. Pre-install: Verify current software version
  2. Check Available Software Versions
  3. Download Latest Version of PaloAlto
  4. Install the Latest version of Firewall Software
  5. Post-install: Reboot and verify new software version

Apart from upgrading from CLI, this tutorial also explains how to upgrade PAN-OS from PaloAlto console.

(more…)

[Python Functions]Functions are code snippets in a block that is assigned a name. It takes input, performs computation or an action and returns the output.

Functions enhances the reusability of the code.

In this tutorial, we’ll discuss the following examples:
(more…)

Once you create a Managed AD in an AWS account, you can share this AD with other accounts.

This is a common use-case when you have AWS Managed Active Directory in a shared services account that needs to be shared with other workload accounts.

The following are few points to keep in mind:

  • Sharing to another account can happen only within the same region where the Managed AD resides
  • Shared directory will be visible to all the VPCs in the workload accounts
  • The shared directory on the workload account will get a directory id that is different than the original directory id in the shared services account.
  • If Managed AD directory is in an account where organization is enabled, then you also have the option of sharing it with all the accounts within the organization or with a specific account

(more…)

While working with PaloAlto firewall, sometimes you’ll find it easier to use CLI instead of console.

Working on CLI is very helpful when you are testing something on a dev/test firewall, where you repeatedly try-out the same thing with different values, and don’t want to do multiple clicks from the UI and retype everything.

In this tutorial, we’ll explain how to create and manage PaloAlto security and NAT rules from CLI. The following examples are explained:
(more…)

[Elasticsearch Cluster Setup]In our previous elasticsearch tutorial, we discussed how to install and setup a stand-alone elasticsearch instance.

While stand-alone installation is good for dev/test, for production, it is recommended to setup elasticsearch cluster. Elasticsearch cluster has many advantages over stand-alone.

(more…)