Recently upgrade panorama to 8.0.17 and after it upgraded it got hung, so we had to reboot it to get it back. Once it was back it is no longer allowing local auth. Remote auth works via the GUI (thankfully). Neither local or remote auth works via cli (console doesn't work either).
SSH using LDAP I get this message:
Received disconnect from 10.12.99.100 port 22:2: Too many authentication failures for<ldap_user>
When using local auth via GUI I see this in the logs:
'failed authentication for user \'admin\'. Reason: Authentication profile not found for the user
When using local auth via CLI it just keeps asking for the password even though I know its right.
I read 2 articles, 1 about PAN running FSCK after a reboot but it shouldn't take nearly a week to do that (upgraded it last week). And another article about rebuilding the user database but I can't login via CLI to do that. Remote console doesn't show anything, like it won't display anything.
Has anyone see this before?
I'd just go straight to support with something like this so they can view the logs and see what the debug info is actually stating. It kind of sounds like the upgrade might have effected a few files in an adverse way however.
IIRC at first I think they had us downgrade and re-upgrade but in the end we had to RMA the panorama box and that turned into a entire different mess. I would hope no one has to go through that because it seemed PA had no idea how to do it without causing interruptions.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!