Palo Alto Networks : Implementing Conditional Advertising in BGP

Palo Alto networks have an interesting feature in their BGP module called "Conditional Adv" - this is found in the Network > Virtual Routers > default > BGP > Conditional Adv tab of the GUI. There are no concrete examples in their KB of how to implement this, so here is a rundown of why and … Continue reading Palo Alto Networks : Implementing Conditional Advertising in BGP

Advertisements

Palo Alto firewall and BGP routing

Objective: This article will record the steps taken and scenarios simulated during BGP lab sessions involving the PA 5020. Scenario 1: A single ISP, with an eBGP peering between the PaloAlto and a CISCO ISP router.   The above network diagram shows the basic setup. The objective of this scenario is to advertise the “public” … Continue reading Palo Alto firewall and BGP routing

Source routing concepts

Source routing is basically an option in IP (layer 3) where a packet can instruct a gateway (for example the sonciwall) which hops to send the packet to. Its like the client deciding which route the packets should take. Now this of course is kinda bad because if the client (let’s say he’s a hacker) … Continue reading Source routing concepts