Monday, October 7, 2024

Linking Active Directory to Palo Alto

###First you need to create a server profile under the LDAP section.

DEVICE>Server Profiles>LDAP, then click Add at the bottom of the page.

Fill in the required information:

Profile Name ###The name of the LDAP object you're creating

Server List ###Enter the server name, the LDAP server IP or DNS name, and the port number

##For the port, use 389 (LDAP) or 636 (LDAP over SSL/TLS)

Server Settings:

Type: active-directory

Base DN: DC=LAB,DC=LOCAL (stands for lab.local, or whatever your domain is)

Bind DN: svc.acct@lab.local (whatever your service account name is)

Password: Service account password

Confirm Password: confirm it

Bind Timeout: 30

Search Timeout: 30

Retry Interval: 60

If you check "Require SSL/TLS secured connection", the firewall will try to force encryption when available.


###Next, you can create an Authentication Profile to associate with user accounts.

DEVICE>Authentication Profile, then click Add at the bottom of the page.

Authentication Profile Settings:

Under Authentication, fill out the following:

Type: LDAP

Server Profile: YOUR_SERVER-PROFILE

Login Attribute: sAMAccountName

Password Expiry Warning: 7

User Domain: lab.local

Username Modifier: %USERINPUT%

Leave the Factors tab alone.

Then go to the Advanced tab.

Allow List: click Add

Select "all" so every user can authenticate with this profile.


###Now you can go to Administrators, add admins, and associate them with the Authentication Profile.

DEVICE>Administrators, then click Add or click the user you want to work with.

Under Authentication Profile, click the drop-down and select the profile you set up in the previous step.

This user can now use their AD account to log in.
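As an added example (not Palo Alto code), the following Python sanity-checks the server profile and authentication profile values from this post before you commit them: it derives the Base DN from the User Domain, shows the escaped search filter built from the Login Attribute, and flags a 389 bind without "Require SSL/TLS". The server entry's name and address and the admin group used in the hardened variant are constructed placeholders.

```python
"""Sanity-check a PAN-OS LDAP server profile + authentication profile pairing.
Added example, not Palo Alto code. Dict keys mirror the GUI fields in the
post; the values below are constructed for illustration."""

SERVER_PROFILE = {
    "type": "active-directory",
    "servers": [{"name": "dc01", "address": "10.0.0.10", "port": 389}],  # constructed
    "base_dn": "DC=LAB,DC=LOCAL",
    "bind_dn": "svc.acct@lab.local",
    "require_ssl_tls": False,  # checkbox left unticked
}
AUTH_PROFILE = {
    "type": "LDAP",
    "login_attribute": "sAMAccountName",
    "user_domain": "lab.local",
    "username_modifier": "%USERINPUT%",
    "allow_list": ["all"],
}

def domain_to_base_dn(domain: str) -> str:
    """lab.local -> DC=lab,DC=local, the form the Base DN field expects."""
    return ",".join(f"DC={label}" for label in domain.strip(".").split("."))

def ad_login_filter(login_attribute: str, username: str) -> str:
    """LDAP search filter for the login attribute, with RFC 4515 escaping so
    a username containing '*' or ')' cannot widen the search."""
    escaped = "".join(f"\\{ord(c):02x}" if c in "*()\\\0" else c for c in username)
    return f"({login_attribute}={escaped})"

def check_profiles(server: dict, auth: dict) -> list[str]:
    """Return findings for the pairing; an empty list means it looks sane."""
    findings = []
    ports = {entry["port"] for entry in server["servers"]}
    # A simple bind on 389 without SSL/TLS puts the service-account
    # password on the wire in cleartext.
    if 389 in ports and not server["require_ssl_tls"]:
        findings.append("port 389 without 'Require SSL/TLS': bind password sent in cleartext")
    expected = domain_to_base_dn(auth["user_domain"])
    if server["base_dn"].lower() != expected.lower():
        findings.append(f"Base DN {server['base_dn']} does not match User Domain ({expected})")
    if server["type"] == "active-directory" and auth["login_attribute"] != "sAMAccountName":
        findings.append("AD profiles normally use sAMAccountName as the Login Attribute")
    if "all" in auth["allow_list"]:
        findings.append("Allow List is 'all': only the Administrator accounts you define scope who can log in")
    return findings
```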

Wednesday, September 25, 2024

Renew Default Security Keyring Cisco UCS

Step 1: UCS-A# scope security

Step 2: UCS-A /security # scope keyring default

Step 3: UCS-A /security/keyring # set regenerate yes

Step 4: UCS-A /security/keyring # commit-buffer

Factory Reset Cisco UCS 4.1 CLI

####You must use the local admin account in order for the option to be listed.

####Login through SSH to the FI VIP (or the current primary FI).

####Next, connect to the local management CLI and execute the erase configuration command.


FI-A# connect local-mgmt

FI-A(local-mgmt)# erase configuration

All UCS configurations will be erased and system will reboot. Are you sure? (yes/no): yes


####Make sure to do the same process on the other FI if you have a secondary.

####The configurations will be erased and the FIs will reboot.

Thursday, February 22, 2024

RSPAN Configuration

###First, create the Remote SPAN (RSPAN) VLAN. You must do this on both switches.


SW1#configure terminal

SW1(config)#vlan 999

SW1(config-vlan)#name RSPAN-VLAN

SW1(config-vlan)#remote-span

SW1(config-vlan)#exit


SW2#configure terminal

SW2(config)#vlan 999

SW2(config-vlan)#name RSPAN-VLAN

SW2(config-vlan)#remote-span

SW2(config-vlan)#exit


###Next, create the monitor session for the source port you are mirroring.

SW1#configure terminal

SW1(config)#monitor session 1 source interface gi 1/0/2 both ###'both' mirrors transmitted and received traffic


###Now add the RSPAN VLAN to the monitor session as the destination, so the mirrored traffic is carried in the RSPAN VLAN:

SW1#configure terminal

SW1(config)#monitor session 1 destination remote vlan 999


###Now, on the destination switch, create a monitor session that pulls from the RSPAN VLAN.

SW2#configure terminal

SW2(config)#monitor session 1 source remote vlan 999


###Finally, create a destination monitor session that sends the RSPAN VLAN traffic to the interface connected to your traffic analyzer.

SW2#configure terminal

SW2(config)#monitor session 1 destination interface gi 1/0/2