How to SSH into Maintenance Mode

Printer Friendly Page

Overview

The Palo Alto Networks device needs to be booted into maintenance mode. However, a console cable is not available. This document describes how to use SSH to connect to a Palo Alto Networks device that has been booted into maintenance mode.

 

Steps

  1. Prior to rebooting, run show system info and write down the management IP address and the device serial number (case sensitive) :
    show_system_info.png
  2. Reboot your Palo Alto Networks device into maintenance mode with debug system maintenance-mode:
    debug_system_maint.png
  3. Now open a terminal window (MAC) or other SSH client (ex. Putty) and connect to the management IP.
    • User: maint
    • Password: device serial number (case sensitive, any letters should be upper case)
      ssh_maint.png
  4. The screenshot below shows an established SSH connection in maintenance mode :
    maint_mode.png

 

owner: rvanderveken

Comments

Hi,

what about the VM-Series, does the password/serialnumber equal to the S/N visible in the Device Registration at the support portal?

Thanks in advance