how to manage palo alto ssl/tls service profiles using cli

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

how to manage palo alto ssl/tls service profiles using cli

L4 Transporter

Its easy enought to change the ssl/tls service profile in the gui but how is it done throught the cli. I want to make sure I know how to do it in case I mess up my gui access.

6 REPLIES 6

L6 Presenter

Hi,

 

The best way to learn is to compare the config. So before commit, you have the option to preview the changes and choose all

 

> set shared ssl-tls-service-profile SSL/TLS-GP protocol-settings max-version
max Max
tls1-0 TLSv1.0
tls1-1 TLSv1.1
tls1-2 TLSv1.2

 

 

sj.PNGshare.PNG

 

So to go back and change these using the cli is to record the original settings and then go in the cli,  run this command

set shared ssl-tls-service-profi;e SSL/TLC-GP protocol-settomg max-version (what it was before you changed it

Hi,

 

Palo has really powerful GUI, so l am trying to use it all the time when I can. For the troubleshooting, it is better to use both CLI and GUI. Let's say you configure something and want to remember the CLI commands or make a note of it. Press commit, chose "Preview changes" then lines of context "all" and check the commands so next time you can modify or configured using CLI if you wish to. 

 

Cheers,

Myky

Great advice. The thing is we are change the ssl/tls service profile for the management interface and just to be safe we wanted to make sure if we lost access to it through the gui interface we had the option to use the cli to access and change it bakc

oh this is just the output of your config audit, its not how to set it using the cli commands

yes it is but you still have the option to create a new one:

 

> set shared ssl-tls-service-profile
SSL/TLS-GP SSL/TLS-GP
sss sss
<value> Profile name

  • 14559 Views
  • 6 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!