This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

management-console not available via https after upgrade from 3.1.7 to 4.0.1

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

management-console not available via https after upgrade from 3.1.7 to 4.0.1

gratzadmin
L1 Bithead

‎03-16-2011 07:25 PM

Hello all,

after upgrading from PanOS 3.1.7 to 4.0.1 I can not access the management-console via https.

ping and ssh are still working.

Even after downgrading back to 3.1.7 and loading the saved configuration, I can not access the management-console via https.

disable-https is set to 'no'.

Can anybody help?

PS:

the webserver-logfiles contain the following lines:

error.log:

   default:1 main  Error: Can't define private key file: /opt/pancfg/etc/appweb/server.key.pem

l3svc-error.log:

   default:1 main  Error: Can't define private key file: /opt/pancfg/etc/appweb/server.key.pem

sslvpn-error.log:

   default:1 main  Error: Can't access DocumentRoot directory
   default:1 main  Error: Ignoring bad directive "DocumentRoot" at line 170 in /etc/appweb/sslvpn.conf

Nachricht geändert durch gratzadmin

0 Likes Likes
5 REPLIES 5

rugbyschool
L0 Member

‎03-17-2011 07:48 AM

Hi

Had the same problem,

Fromm the command prompt i.e putty

admin@PA-500> configure

Entering configuration mode

[edit]

admin@PA-500# set deviceconfig system service disable-http no

[edit]

admin@PA-500#

this will give you back the http access to the box and then just switch on https:

Andrew

0 Likes Likes

gary_finfrock
Not applicable

‎03-17-2011 08:27 AM

I had similar issue after we enabled QoS.  Support had me disabled QoS until 4.0.2 becomes available.

0 Likes Likes

gratzadmin
L1 Bithead

‎03-17-2011 12:08 PM

we did a factory reset which solved the problem.

0 Likes Likes

k.dimitrovski
L1 Bithead
In response to gratzadmin

‎06-15-2011 09:41 AM

We have the same issue here after upgrading.

Could you specify what exaclty did you did to solve the problem.

Did you saved locally the config, did the factory reset and uploaded the config?

If I do these steps will the problem be back or not, after commiting the configuration?

0 Likes Likes

nrice
L5 Sessionator
In response to k.dimitrovski

‎06-15-2011 12:50 PM

If you're getting a SSL decrypt error, caused by a bug in 4.0.1,  this article should help:

https://live.paloaltonetworks.com/docs/DOC-1810

You should not experience the problem after this workaround. It occurs on the initial load of 4.0.1 and is fixed in 4.0.3, which is now available.  For other users planning upgrades, there is no need to do a full installation of 4.0.1.  As long as 4.0.1, which is the base image, is downloaded onto the PAN, 4.0.3 can be downloaded and installed, which will avoid the bug altogether.

0 Likes Likes
  • 3761 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks