Ad – Purchase on Amazon
Ad – Purchase on Amazon
Last updated on November 16th, 2022 at 05:45 pm
Here are my notes for the first-time setup of a Palo Alto Networks hardware firewall using the CLI and console.
Visit this page if you need information or recommendations on a console cable. The (Serial) Console Port Cable Options
Console settings:
Data rate: 9600 Data bits: 8 Parity: none Stop bits: 1 Flow control: none
If there is an issue with the cli output try these commands:
>set cli config-output-format set
>set cli pager off
> set cli terminal type xterm
After the terminal type is chosen, reconnect with console (terminal) software.
Credentials:
admin/admin
Disable ZTP:
New firewalls are shipping with Zero Touch Provisioning enabled. If not used, it should be disabled prior to further configuration.
>request disable-ztp
Configure static IP address:
>configure
set deviceconfig system type static
set deviceconfig system ip-address x.x.x.x netmask x.x.x.x default-gateway x.x.x.x
Example: set deviceconfig system ip-address 192.168.68.100 netmask 255.255.255.0 default-gateway 192.168.68.2
Note: The default-gateway command is optional.
commit
Setup or revert to DHCP:
>configure
set deviceconfig system type dhcp-client
set deviceconfig system type dhcp-client accept-dhcp-domain yes accept-dhcp-hostname yes send-client-id yes send-hostname yes
request dhcp client management-interface release
commit
How to set a route via CLI:
set network virtual-router default routing-table ip static-route 0.0.0.0/0 nexthop 10.10.10.1
Getting Started with Palo Alto Networks Firewalls:
https://blog.webernetz.net/cli-commands-for-troubleshooting-palo-alto-firewalls/
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXRCA0
https://www.802101.com/palo-alto-part-2-basic-configuration/
Copyright © Packet Passers 2024