- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
03-16-2011 07:25 PM
Hello all,
after upgrading from PanOS 3.1.7 to 4.0.1 I can not access the management-console via https.
ping and ssh are still working.
Even after downgrading back to 3.1.7 and loading the saved configuration, I can not access the management-console via https.
disable-https is set to 'no'.
Can anybody help?
PS:
the webserver-logfiles contain the following lines:
error.log:
default:1 main Error: Can't define private key file: /opt/pancfg/etc/appweb/server.key.pem
l3svc-error.log:
default:1 main Error: Can't define private key file: /opt/pancfg/etc/appweb/server.key.pem
sslvpn-error.log:
default:1 main Error: Can't access DocumentRoot directory
default:1 main Error: Ignoring bad directive "DocumentRoot" at line 170 in /etc/appweb/sslvpn.conf
Nachricht geändert durch gratzadmin
03-17-2011 07:48 AM
Hi
Had the same problem,
Fromm the command prompt i.e putty
admin@PA-500> configure
Entering configuration mode
[edit]
admin@PA-500# set deviceconfig system service disable-http no
[edit]
this will give you back the http access to the box and then just switch on https:
Andrew
03-17-2011 08:27 AM
I had similar issue after we enabled QoS. Support had me disabled QoS until 4.0.2 becomes available.
03-17-2011 12:08 PM
we did a factory reset which solved the problem.
06-15-2011 09:41 AM
We have the same issue here after upgrading.
Could you specify what exaclty did you did to solve the problem.
Did you saved locally the config, did the factory reset and uploaded the config?
If I do these steps will the problem be back or not, after commiting the configuration?
06-15-2011 12:50 PM
If you're getting a SSL decrypt error, caused by a bug in 4.0.1, this article should help:
https://live.paloaltonetworks.com/docs/DOC-1810
You should not experience the problem after this workaround. It occurs on the initial load of 4.0.1 and is fixed in 4.0.3, which is now available. For other users planning upgrades, there is no need to do a full installation of 4.0.1. As long as 4.0.1, which is the base image, is downloaded onto the PAN, 4.0.3 can be downloaded and installed, which will avoid the bug altogether.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!