Pathfinder 16.02 not working with Proxy Settings

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Pathfinder 16.02 not working with Proxy Settings

L1 Bithead



it's not really a discussion but more a let's document two actual issue I went through.

In rare cases when you have to deploy Pathfinder in a not direct connection to the internet (no DNS, and no web), then this might be of interest to you.

In Pathfinder you can set the proxy settings. In my case it is a non-authenticated proxy, so I just added proxy address and proxy port.

When doing a Connectivity check, all tests failed ! and no packets were sent to the proxy server.


Connectivity checks errorsConnectivity checks errors

Looking into the logs we can see the cause.

pathfinder_username.pngBUG1 : This is due because the scripts implemented in 16.02 sends commands to curl but fails because the username = ''

Workaround : enter any username and it works

All Connectivity tests are now working but I still cannot pair.

I get a message, please authorize in admin UI, but nothing appears in the pathfinder management UI, and then it fails miserably.

Looking at the logs (edited), we can see "internal IP address is invalid" because it's empty !error_pathfinder_16.02.png


The cause of this is a bit complex but basically it's related  to finding it's own ip based on the direct name resolution (dns) of your XDR Analyzer instance. 

Workaround BUG2: find your instance name : example <xxxxxxxxxxxxcbaced8> (replace with your own instance ID)

And create a 'A' DNS record for this entry which should resolve to

Depending on your installation it can be hard to add another zone so another easier way is to use the DNSproxy feature of the PANOS with static entries


Senior Security Engineer

L1 Bithead

Unfortunatly, the list goes on.

Bug No 3:

After pairing and being authorize in the portail UI, the service restart itself, and then you might get an error message of something like

Configuration file corrupted.

Looking at the logs in the agent.log file. I saw an error :InvalidURL: Failed to parse: myuser:p0

This is due to a wrong parsing a password which is encoded in base64 and containing a slash character. '/'

2 workarounds :

1) given a statistics of 344 characters with a probability of 1/64 to be a slash. This give a chance of 5:1. So if you try 10 times, you probably have a working installation.
2) second workaround. Edit /etc/conf/lc.conf and replace the slash character by another characters and restart the service.



Senior Security Engineer

L1 Bithead

Support has announced resolution of those 3 bugs for next release of Pathfinder.


Let's cross fingers




Senior Security Engineer
  • 2 replies
  • 78 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!