VM-Series Firewall SSH To use WebUI, we need to set an administrator password, for this, need to connect via SSH. After creating instances, it takes 10-15 minutes before the Firewall is initialized and will be available via SSH Connect to the first instance, SSH user – "admin" And execute the following commands: Enter the …
Continue reading "Palo Alto VM-Series Firewall: AWS HA Multi AZ для GlobalProtect – Part 2"
The Palo Alto VM-Series Firewall uses an active/passive configuration for high availability. In which the active firewall constantly synchronizes its configuration and information about active sessions with a similarly configured passive firewall. There are two options for achieving HA on AWS: "Secondary IP Move" and "Dataplane Interface Move". Secondary IP Move If the active …
Continue reading "Palo Alto VM-Series Firewall: AWS HA Multi AZ for GlobalProtect – Part 1"
After upgrading PIP to CentOS 6, which still uses Python2.7, PIP for each command crashes with an error. For example: Reason: PIP versions above 20.3 do not support Python2.7 Solution: Install latest supported version
To extract a file path or filename from a full path, you can use various utilities like grep, sed, awk, etc. If it’s not a list from a file or variable, you can use find, but there’s an easier way: basename – returns the filename dirname – returns the path to the file Example: …
Continue reading " Linux – Get path and filename from full path"
In order to mount an S3 Bucket as a file system, you need to install s3fs Create a directory to mount: And add the following to "/etc/fstab": Where: "artem-service-bucket:/upload/" – S3 bucket name and the directory inside the bucket to mount "url=https://s3.eu-central-1.amazonaws.com,endpoint=eu-central-1" – the region where the S3 bucket is located "iam_role" – …
Continue reading " S3 – Mounting in Linux"
It is necessary to extract the login and password from RDS, which are stored in AWS Secret Manager and use their values in the Terraform code. To do this, you can use the following construction: And use variables:
The SSM Parameter Store contains the following JSON: It is necessary to extract the login and password, and use their values in the Terraform code. To do this, you can use the following construction: And use variables:
In order to exclude a specific range or IP address, you need to add the parameter "net_gateway". For example, it is necessary that the network "10.0.0.0/8" is routed through the VPN, but at the same time the network "10.0.1.0/24" is excluded from the route, the entry in the configuration file will look like this: …
Continue reading " OpenVPN – Exclude specific IPs or networks from routes"
In order to convert an existing private key to PEM format, just do the following:
When trying to upgrade "Jenkins" on CentOS 7, the following error may occur: Public key for jenkins-2.289.3-1.1.noarch.rpm is not installed To fix it, just import the repository key: