Monday, September 8, 2025

Module 2 Palo Alto Initial Configuraiton

 

Module 2  Palo Alto  Initial Configuraiton


Initial Configuration 
Administrative controls
Initial Access to the system
Configuration management
Licensing and software update
Account administration 
Viewing and filtering logs


2 ways to access PA-1420
gui - https
cli - console, telnet 
uid: admin
password: admin

To reset to factory default (if you know the firewall admin password) 
set system private-data-reset

If you do not know the admin passwordk you must place the firewall in maintainance mode 
at boot up time, type maint into the CLI through the console port 
at some point you can chose the action Reset to Factory Default

To initially configure a Palo Alto firewall, you power on the device, connect to the management interface (which defaults to DHCP or has a known IP like 192.168.1.1), log in with the default credentials (admin/admin), and then change the default password. 
After logging in, you can change the management IP from DHCP to static, set the hostname, domain, time, and DNS/NTP servers. Finally, you commit the changes to make them active. 

1. Power and Connect
Install and power on: the firewall. 
Connect: your computer to the management network. 
Access: the management interface using a web browser or SSH. 
The default IP is often 192.168.1.1, or it might obtain an IP via DHCP. 

2. Login and Change Password
Use: the default username admin and password admin. 
Change: the default password immediately, as the system will prompt you to do so. 

3. Configure Management Interface
Navigate: to Device > Setup > Management in the web interface. 
Set: the Management Interface to static and provide the IP address, subnet mask, default gateway, and DNS servers. 

4. Configure Device Settings 
Go: to Device > Setup > Services to add or modify NTP servers and potentially set up an HTTP proxy if needed.
Set: a hostname, domain, and a login banner under Device > Setup > Management.
Adjust: the time zone, date, and location (latitude/longitude).

5. Commit Changes 
Click: the Commit button in the top-right corner of the web interface to apply the new configuration.
Review: the changes if prompted and then confirm the commit.




Console - uid/password admin
>configuration
# set deviceconfig system type static   
# set deviceconfig system ip-address 192.168.10.1 netmask 255.255.255.0
# commit

MGT interface
# set deviceconfig system ip-address
admin password
# set mgt-config users admin password

DNS
# set deviceconfig system dns-setting servers

NTP
# set deviceconfig system ntp-servers
Interfaces
# set network interface

System settings
# set deviceconfig system

example
 Initial configs
#myfw-01
set cli config-output-format set 
configure 
set deviceconfig system ip-address 100.105.37.87
set deviceconfig system netmask 255.255.255.0
set deviceconfig system default-gateway 100.105.37.1
set deviceconfig system hostname myfw-01
set deviceconfig system dns-setting servers primary 8.8.8.8

commit

Zones
# set zone <name> 
# set vsys <name> zone <name> 

Management settings
<Device><setup><Management><General Settings> <gear>
hostname:
Domain:
Time 

Ping 
Traceroute
Telnet 
F - Find the issue 
I - Inspect the sympton
X - Exclude possibilities
I  - Implement a Fix hypotisis
T - Tracking Document and Implement

Palo Alto Firewall Commands:
==================================
show system info
show system resource
show interface management
show arp all
show interface all
show interface ethernet1/1
show config run
show config candidate
show session all
show routing route
show routing route virtual-router default
show log system
show log traffic
ping source 10.1.1.1 host 8.8.8.8
traceroute host 8.8.8.8
show admins
clear session all
show high-availability state


Server Profiles
# set server-profile 
# set vsys <name> server-profile 
# set shared server-profile 

Authentication Profiles
# set authentication-profile 
# set vsys <name> authentication-profile 
# set shared authentication-profile 

Certificate Profiles
# set certificate-profile 
# set vsys <name> certificate-profile 
# set shared certificate-profile 

Policy
# set rulebase 
# set vsys vsys1 rulebase 

Log Quotas
# set deviceconfig setting management quota-settings

User-ID
# set user-id-agent 
# set vsys <name> user-id-agent 
# set user-id-collector 
# set vsys <name> user-id-collector 

HA
# set deviceconfig high-availability
AutoFocus Settings
# set deviceconfig setting autofocus

WildFire Settings
# set deviceconfig setting wildfire

Panorama
# set deviceconfig system panorama-server

Restart
> request restart system

Management settings
<Device><setup><Management><General Settings> <gear>
hostname:
Domain:
Time 



at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Global Protect Troubleshooting

Global Protect Components Certificate Management Connections Authentication Debugging https://www.youtube.com/watch?v=0Z48WHvyW0Q authentica...