Pathfinder 16.02 not working with Proxy Settings

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Pathfinder 16.02 not working with Proxy Settings

L1 Bithead

Hello,

 

it's not really a discussion but more a let's document two actual issue I went through.

In rare cases when you have to deploy Pathfinder in a not direct connection to the internet (no DNS, and no web), then this might be of interest to you.

In Pathfinder you can set the proxy settings. In my case it is a non-authenticated proxy, so I just added proxy address and proxy port.

When doing a Connectivity check, all tests failed ! and no packets were sent to the proxy server.

 

Connectivity checks errorsConnectivity checks errors

Looking into the logs we can see the cause.

pathfinder_username.pngBUG1 : This is due because the scripts implemented in 16.02 sends commands to curl but fails because the username = ''

Workaround : enter any username and it works

All Connectivity tests are now working but I still cannot pair.

I get a message, please authorize in admin UI, but nothing appears in the pathfinder management UI, and then it fails miserably.

Looking at the logs (edited), we can see "internal IP address is invalid" because it's empty !error_pathfinder_16.02.png

 

The cause of this is a bit complex but basically it's related  to finding it's own ip based on the direct name resolution (dns) of your XDR Analyzer instance. 

Workaround BUG2: find your instance name : example <xxxxxxxxxxxxcbaced8>.magnifier.eu.paloaltonetworks.com (replace with your own instance ID)

And create a 'A' DNS record for this entry which should resolve to 154.59.126.13.

Depending on your installation it can be hard to add another zone paloaltonetworks.com so another easier way is to use the DNSproxy feature of the PANOS with static entries

dns-proxy.png

Senior Security Engineer
2 REPLIES 2

L1 Bithead

Unfortunatly, the list goes on.

Bug No 3:

After pairing and being authorize in the portail UI, the service restart itself, and then you might get an error message of something like

Configuration file corrupted.

Looking at the logs in the agent.log file. I saw an error :InvalidURL: Failed to parse: myuser:p0

This is due to a wrong parsing a password which is encoded in base64 and containing a slash character. '/'

2 workarounds :

1) given a statistics of 344 characters with a probability of 1/64 to be a slash. This give a chance of 5:1. So if you try 10 times, you probably have a working installation.
2) second workaround. Edit /etc/conf/lc.conf and replace the slash character by another characters and restart the service.

Regards

Frank

Senior Security Engineer

L1 Bithead

Support has announced resolution of those 3 bugs for next release of Pathfinder.

 

Let's cross fingers

 

Regards

Frank

Senior Security Engineer
  • 8974 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!