SBN

Palo Alto Firewall Management address

I have been working with Palo Alto Networks firewalls exclusively over the last 6 months or so and wanted to start a series of postings regarding how to make changes at the command line

The first step in configuring a PAN is to configure the management address.

The firewall comes configured with 192.168.1.1/24 configured and you can connect to the management interface from your PC if you are on that subnet and the address is not in use or by changing your system IP.

The other way is to connect using the console connection with the provided serial to rj45 cable (hopefully you have a USB to serial adapter) – standard 9600/8/none/1

login to the system

type configure

hit enter

type set deviceconfig system ip-address 172.1.1.254 netmask 255.255.255.0 default-gateway 172.1.1.1

*replace the addresses above with the IPs you want to assign*

hit enter

type commit

hit enter

That will commit the configuration to the device. This will take a moment or two to complete

This same command can be issued via SSH to change the management IP at a later time, though it will cause your SSH session to disconnect.

Hope that helps someone

Be safe out there

James

*** This is a Security Bloggers Network syndicated blog from IT Security, Windows Scripting and other matters authored by James.Costello. Read the original post at: http://genesyswave.blogspot.com/2011/08/palo-alto-firewall-management-address.html

Application Security Check Up