Palo Alto PA5220 is not login after password complexity changes

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Palo Alto PA5220 is not login after password complexity changes

L0 Member

We changed the password complexity and history settings on our firewall a couple of days ago.
After committing the changes the local users are not able to login on the firewall.
So we tried to boot into maintenance mode by connecting through a console cable in order to roll back to a older running config.
This did not do anything though, because the users are still not able to login using their old credentials from the time when the running config was saved.
Does rolling back to a saved running config, undo-s the password complexity settings?
Is there a way to import a device state config from the actual maintenance mode without having to reset to factory default and connect from the management interface?

1 REPLY 1

Cyber Elite
Cyber Elite

Hello there

 

When you reverted to a previous configuration, I wanted to make certain that the file was a NAMED snapshot file and not a previous running-configuration.xml file.  (To call this file a saved running-configuration file just makes me believe it was not a named file, so please re-confirm my incorrectness in understanding)      To answer some questions, reverting to a previously named configuration file does not undo password complexity.  I am not aware of how to import a device state during maintenance mode.

 

When the local users cannot log in, what does your authentication log show? If you changed one person's password, are they able to log in?  I am presuming you are refering to end users authentication through the FW, and not the admins trying to attempt authentication to the FW.  (TO vs THROUGH) .

Please help out other users and “Accept as Solution” if a post helps solve your problem !
  • 1182 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!