Palo Alto (PAN-OS 8.0) example config. Management interface: 192.168.123.99/24, login admin | P@ssw0rd. Note: this credential and its hash (the `<phash>` under `mgt-config`) are public, so change the admin password before committing this config to any reachable device.
<config version="8.0.0" urldb="paloaltonetworks"> | |
<mgt-config> | |
<!-- Local administrator accounts. -->
<users> | |
<entry name="admin"> | |
<!-- NOTE(review): this is the hash of the "admin | P@ssw0rd" credential that
     is published alongside this file, so anyone who has the file knows the
     management password. The "$1$" prefix appears to be the md5-crypt
     format, which is cheap to brute-force as well. Treat it as a
     placeholder: set a new password (and preferably a non-default admin
     name) before this config is committed to a device. -->
<phash>$1$l2.doqhj$Vri/RkbGRnVW2yjB.xV6O0</phash> | |
<permissions> | |
<role-based> | |
<!-- Full superuser role. -->
<superuser>yes</superuser> | |
</role-based> | |
</permissions> | |
</entry> | |
</users> | |
</mgt-config> | |
<shared> | |
<!-- Objects and settings shared by every vsys. The object containers are
     empty; only the botnet report is configured here. -->
<application/> | |
<application-group/> | |
<service/> | |
<service-group/> | |
<botnet> | |
<!-- Botnet report: heuristics used to flag hosts that look infected.
     Each HTTP heuristic below is switched on with its own threshold; the
     report itself (bottom of this section) is scheduled and lists the
     top 100 hosts. How the thresholds are counted is not shown in this
     file; see the PAN-OS botnet report documentation before tuning. -->
<configuration> | |
<http> | |
<dynamic-dns> | |
<enabled>yes</enabled> | |
<threshold>5</threshold> | |
</dynamic-dns> | |
<malware-sites> | |
<enabled>yes</enabled> | |
<threshold>5</threshold> | |
</malware-sites> | |
<recent-domains> | |
<enabled>yes</enabled> | |
<threshold>5</threshold> | |
</recent-domains> | |
<ip-domains> | |
<enabled>yes</enabled> | |
<threshold>10</threshold> | |
</ip-domains> | |
<executables-from-unknown-sites> | |
<enabled>yes</enabled> | |
<threshold>5</threshold> | |
</executables-from-unknown-sites> | |
</http> | |
<other-applications> | |
<!-- IRC is counted as a botnet indicator. -->
<irc>yes</irc> | |
</other-applications> | |
<!-- Unknown TCP/UDP: per-hour destination and session counts, plus the
     byte range (50 to 100) that defines a suspiciously short session.
     Presumably a host has to exceed these to be reported; TODO confirm. -->
<unknown-applications> | |
<unknown-tcp> | |
<destinations-per-hour>10</destinations-per-hour> | |
<sessions-per-hour>10</sessions-per-hour> | |
<session-length> | |
<maximum-bytes>100</maximum-bytes> | |
<minimum-bytes>50</minimum-bytes> | |
</session-length> | |
</unknown-tcp> | |
<unknown-udp> | |
<destinations-per-hour>10</destinations-per-hour> | |
<sessions-per-hour>10</sessions-per-hour> | |
<session-length> | |
<maximum-bytes>100</maximum-bytes> | |
<minimum-bytes>50</minimum-bytes> | |
</session-length> | |
</unknown-udp> | |
</unknown-applications> | |
</configuration> | |
<!-- Scheduled report, top 100 entries. -->
<report> | |
<topn>100</topn> | |
<scheduled>yes</scheduled> | |
</report> | |
</botnet> | |
</shared> | |
<devices> | |
<entry name="localhost.localdomain"> | |
<network> | |
<interface> | |
<!-- Both data ports are virtual-wire members: no IP addresses, no routing.
     Loopback, VLAN and tunnel interfaces are declared but empty. -->
<ethernet> | |
<entry name="ethernet1/1"> | |
<virtual-wire/> | |
</entry> | |
<entry name="ethernet1/2"> | |
<virtual-wire/> | |
</entry> | |
</ethernet> | |
<loopback> | |
<units/> | |
</loopback> | |
<vlan> | |
<units/> | |
</vlan> | |
<tunnel> | |
<units/> | |
</tunnel> | |
</interface> | |
<vlan/> | |
<!-- Bump-in-the-wire deployment: ethernet1/1 and ethernet1/2 are bridged
     as "default-vwire", so traffic passes through transparently and is
     only subject to the security rulebase (no NAT, no routing). -->
<virtual-wire> | |
<entry name="default-vwire"> | |
<interface1>ethernet1/1</interface1> | |
<interface2>ethernet1/2</interface2> | |
</entry> | |
</virtual-wire> | |
<profiles> | |
<!-- Monitor profile "default": probe every 3 s, declare failure after 5
     misses, then wait for recovery rather than failing over. Presumably
     used for tunnel monitoring; no tunnel references it in this file. -->
<monitor-profile> | |
<entry name="default"> | |
<interval>3</interval> | |
<threshold>5</threshold> | |
<action>wait-recover</action> | |
</entry> | |
</monitor-profile> | |
</profiles> | |
<ike> | |
<crypto-profiles> | |
<!-- IKE (phase 1) proposals. A profile that lists several members offers
     all of them, so the peer may settle on the weakest one listed. -->
<ike-crypto-profiles> | |
<entry name="default"> | |
<!-- NOTE(review): legacy suite: 3DES, SHA-1 and DH group 2 (1024-bit MODP).
     No IKE gateway in this file references it, but any gateway added
     later should use a profile with AES-256, SHA-256 or stronger and
     DH group 14, 19 or 20 instead. -->
<encryption> | |
<member>aes-128-cbc</member> | |
<member>3des</member> | |
</encryption> | |
<hash> | |
<member>sha1</member> | |
</hash> | |
<dh-group> | |
<member>group2</member> | |
</dh-group> | |
<lifetime> | |
<hours>8</hours> | |
</lifetime> | |
</entry> | |
<!-- Suite-B profiles: AES-CBC for IKE, SHA-2 integrity and ECP groups
     19 (P-256) / 20 (P-384). The "GCM" in the names appears to refer to
     the ESP profiles of the same name below, where AES-GCM is used. -->
<entry name="Suite-B-GCM-128"> | |
<encryption> | |
<member>aes-128-cbc</member> | |
</encryption> | |
<hash> | |
<member>sha256</member> | |
</hash> | |
<dh-group> | |
<member>group19</member> | |
</dh-group> | |
<lifetime> | |
<hours>8</hours> | |
</lifetime> | |
</entry> | |
<entry name="Suite-B-GCM-256"> | |
<encryption> | |
<member>aes-256-cbc</member> | |
</encryption> | |
<hash> | |
<member>sha384</member> | |
</hash> | |
<dh-group> | |
<member>group20</member> | |
</dh-group> | |
<lifetime> | |
<hours>8</hours> | |
</lifetime> | |
</entry> | |
</ike-crypto-profiles> | |
<!-- IPsec (phase 2) ESP proposals; dh-group here sets the PFS group. -->
<ipsec-crypto-profiles> | |
<entry name="default"> | |
<!-- NOTE(review): same legacy suite as the IKE "default" profile
     (3DES / SHA-1 / group 2); prefer one of the GCM profiles below. -->
<esp> | |
<encryption> | |
<member>aes-128-cbc</member> | |
<member>3des</member> | |
</encryption> | |
<authentication> | |
<member>sha1</member> | |
</authentication> | |
</esp> | |
<dh-group>group2</dh-group> | |
<lifetime> | |
<hours>1</hours> | |
</lifetime> | |
</entry> | |
<entry name="Suite-B-GCM-128"> | |
<esp> | |
<encryption> | |
<member>aes-128-gcm</member> | |
</encryption> | |
<!-- "none" is acceptable here only because AES-GCM is an AEAD cipher and
     carries its own integrity tag. Never pair "none" with a CBC cipher. -->
<authentication> | |
<member>none</member> | |
</authentication> | |
</esp> | |
<dh-group>group19</dh-group> | |
<lifetime> | |
<hours>1</hours> | |
</lifetime> | |
</entry> | |
<entry name="Suite-B-GCM-256"> | |
<esp> | |
<encryption> | |
<member>aes-256-gcm</member> | |
</encryption> | |
<!-- As above: integrity comes from GCM itself. -->
<authentication> | |
<member>none</member> | |
</authentication> | |
</esp> | |
<dh-group>group20</dh-group> | |
<lifetime> | |
<hours>1</hours> | |
</lifetime> | |
</entry> | |
</ipsec-crypto-profiles> | |
<!-- Presumably the GlobalProtect client IPsec transport: AES-128-CBC with
     SHA-1 HMAC. NOTE(review): SHA-1 as an HMAC is still common, but
     sha256 is preferable where the agent versions in use support it. -->
<global-protect-app-crypto-profiles> | |
<entry name="default"> | |
<encryption> | |
<member>aes-128-cbc</member> | |
</encryption> | |
<authentication> | |
<member>sha1</member> | |
</authentication> | |
</entry> | |
</global-protect-app-crypto-profiles> | |
</crypto-profiles> | |
</ike> | |
<qos> | |
<!-- QoS profile "default": the eight classes with their priorities
     (class1 real-time, class2/3 high, class4/5 medium, class6 to 8 low).
     Nothing in this file applies the profile to an interface. -->
<profile> | |
<entry name="default"> | |
<class> | |
<entry name="class1"> | |
<priority>real-time</priority> | |
</entry> | |
<entry name="class2"> | |
<priority>high</priority> | |
</entry> | |
<entry name="class3"> | |
<priority>high</priority> | |
</entry> | |
<entry name="class4"> | |
<priority>medium</priority> | |
</entry> | |
<entry name="class5"> | |
<priority>medium</priority> | |
</entry> | |
<entry name="class6"> | |
<priority>low</priority> | |
</entry> | |
<entry name="class7"> | |
<priority>low</priority> | |
</entry> | |
<entry name="class8"> | |
<priority>low</priority> | |
</entry> | |
</class> | |
</entry> | |
</profile> | |
</qos> | |
<virtual-router> | |
<!-- Virtual router "default" with BGP switched off. The dampening profile
     is defined but has no effect while BGP is disabled, and the virtual-
     wire ports above are not routed anyway. -->
<entry name="default"> | |
<protocol> | |
<bgp> | |
<enable>no</enable> | |
<dampening-profile> | |
<entry name="default"> | |
<cutoff>1.25</cutoff> | |
<reuse>0.5</reuse> | |
<max-hold-time>900</max-hold-time> | |
<decay-half-life-reachable>300</decay-half-life-reachable> | |
<decay-half-life-unreachable>900</decay-half-life-unreachable> | |
<enable>yes</enable> | |
</entry> | |
</dampening-profile> | |
</bgp> | |
</protocol> | |
</entry> | |
</virtual-router> | |
</network> | |
<deviceconfig> | |
<system> | |
<!-- Management port: static 192.168.123.99/24, default gateway 192.168.123.1.
     NOTE(review): no permitted-ip list appears in this file, so management
     access is not restricted by source address. Add one, or keep the MGT
     port on an isolated management network, before deployment. -->
<ip-address>192.168.123.99</ip-address> | |
<netmask>255.255.255.0</netmask> | |
<update-server>updates.paloaltonetworks.com</update-server> | |
<!-- Threat content is checked weekly, Wednesday 03:37, download only.
     NOTE(review): download-only appears to fetch the package without
     installing it, so new signatures are not active until someone installs
     them by hand; "download-and-install" is the usual choice. No antivirus,
     WildFire or application schedule is configured in this file. -->
<update-schedule> | |
<threats> | |
<recurring> | |
<weekly> | |
<day-of-week>wednesday</day-of-week> | |
<at>3:37</at> | |
<action>download-only</action> | |
</weekly> | |
</recurring> | |
</threats> | |
</update-schedule> | |
<timezone>US/Pacific</timezone> | |
<!-- Telnet and plain HTTP management are disabled. SSH and HTTPS are not
     mentioned here, so they stay at whatever the platform default is. -->
<service> | |
<disable-telnet>yes</disable-telnet> | |
<disable-http>yes</disable-http> | |
</service> | |
<hostname>panos-01</hostname> | |
<!-- Static addressing on the management port (as opposed to DHCP). -->
<type> | |
<static/> | |
</type> | |
<default-gateway>192.168.123.1</default-gateway> | |
</system> | |
<setting> | |
<config> | |
<!-- rematch: presumably re-evaluates existing sessions against the new
     policy after a commit instead of letting them run on under the old
     rules; TODO confirm against the PAN-OS 8.0 documentation. -->
<rematch>yes</rematch> | |
</config> | |
<management> | |
<!-- Syslog messages carry the FQDN rather than the short hostname. -->
<hostname-type-in-syslog>FQDN</hostname-type-in-syslog> | |
</management> | |
</setting> | |
</deviceconfig> | |
<vsys> | |
<entry name="vsys1"> | |
<application/> | |
<application-group/> | |
<!-- Two zones on the virtual wire: trust on ethernet1/2, untrust on ethernet1/1. -->
<zone> | |
<entry name="trust"> | |
<network> | |
<virtual-wire> | |
<member>ethernet1/2</member> | |
</virtual-wire> | |
</network> | |
</entry> | |
<entry name="untrust"> | |
<network> | |
<virtual-wire> | |
<member>ethernet1/1</member> | |
</virtual-wire> | |
</network> | |
</entry> | |
</zone> | |
<service/> | |
<service-group/> | |
<schedule/> | |
<rulebase> | |
<security> | |
<rules> | |
<!-- NOTE(review): rule1 is an unrestricted allow from trust to untrust:
     any source, destination, service and application. No profile-setting
     is attached (no antivirus, anti-spyware, vulnerability or URL filtering
     profile), service is "any" rather than "application-default", and only
     end-of-session logging is on. Tighten before use: restrict the
     application list, set
       <service><member>application-default</member></service>,
     attach a security profile group, and consider <log-start>yes</log-start>
     for long-lived sessions. No rule allows untrust to trust, so inbound
     traffic falls to the implicit interzone default deny (logging on that
     rule is off unless enabled explicitly; TODO confirm for this release). -->
<entry name="rule1"> | |
<from> | |
<member>trust</member> | |
</from> | |
<to> | |
<member>untrust</member> | |
</to> | |
<source> | |
<member>any</member> | |
</source> | |
<destination> | |
<member>any</member> | |
</destination> | |
<service> | |
<member>any</member> | |
</service> | |
<application> | |
<member>any</member> | |
</application> | |
<action>allow</action> | |
<log-end>yes</log-end> | |
</entry> | |
</rules> | |
</security> | |
</rulebase> | |
</entry> | |
</vsys> | |
</entry> | |
</devices> | |
</config> |