- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-23-2015 06:46 AM
on a local firewall, the output of the show config running output has some encrypted data that does not seem to be a certificate. No --begin certificate-- or --end certificate-- .
Does anyone know what this encrypted data is? I thought it might be the licenses installed.
01-23-2015 11:50 AM
Hello Nathan,
You are absolutely correct, it is custom-logo for PDF-reports and that is a default page by PAN. Here is the same output I get:
}
}
secondary-ntp-server {
ntp-server-address 0.pool.ntp.org;
authentication-type {
none;
}
set deviceconfig setting custom-logo pdf-report-header name logo_pan.gif
set deviceconfig setting custom-logo pdf-report-header content
/9j/4AAQSkZJRgABAQIAOwA7AAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8L
CwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUF
BQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e
Hh4eHh4eHh4eHh4eHh7/wAARCAHqAkgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA
AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIh
MUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6
Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZ
mqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx
8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA
AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAV
YnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hp
anN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPE
xcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD7
LooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiig
Also, on GUI you can locate it at Device>Operations>Miscellaneous>Custom-logos
Let me know if that answers your question.
Regards,
Dileep
01-23-2015 07:05 AM
Hello Nathan,
It could be different things based on your config:
-passwords
-custom logos
-certificates 'It will show begin cert, and end cert'
-custom response pages
Licenses will not appear in the running configuration. If you want to export a running configuration you can export by GUI:Device>Operations>Export named configuration snapshot>running-config.xml.
Let me know if you have any questions. Please mark the answers as answered or helpful as applicable.
Regards,
Dileep
01-23-2015 07:21 AM
Here is the output right before the encryption. Looks like it has something to do with the reports. Could this be a custom report I created?
deviceconfig { | |
system { | |
ip-address 10.68.32.6; | |
netmask 255.255.255.0; | |
update-server updates.paloaltonetworks.com; | |
update-schedule { | |
threats; | |
} | |
service { | |
disable-telnet yes; | |
disable-http yes; | |
} | |
snmp-setting { | |
snmp-system; | |
} | |
hostname 655MF1AL; | |
default-gateway 10.68.32.1; | |
} | |
setting { | |
custom-logo { | |
pdf-report-header { | |
name logo_pan.gif; | |
content |
/9j/4AAQSkZJRgABAQIAOwA7AAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8L
CwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUF
BQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e
Hh4eHh4eHh4eHh4eHh7/wAARCAHqAkgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA
AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIh
MUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6
Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZ
01-23-2015 11:50 AM
Hello Nathan,
You are absolutely correct, it is custom-logo for PDF-reports and that is a default page by PAN. Here is the same output I get:
}
}
secondary-ntp-server {
ntp-server-address 0.pool.ntp.org;
authentication-type {
none;
}
set deviceconfig setting custom-logo pdf-report-header name logo_pan.gif
set deviceconfig setting custom-logo pdf-report-header content
/9j/4AAQSkZJRgABAQIAOwA7AAD/2wBDAAUDBAQEAwUEBAQFBQUGBwwIBwcHBw8L
CwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/2wBDAQUF
BQcGBw4ICA4eFBEUHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e
Hh4eHh4eHh4eHh4eHh7/wAARCAHqAkgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA
AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIh
MUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6
Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZ
mqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx
8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA
AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAV
YnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hp
anN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPE
xcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD7
LooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKACiiig
Also, on GUI you can locate it at Device>Operations>Miscellaneous>Custom-logos
Let me know if that answers your question.
Regards,
Dileep
01-23-2015 12:22 PM
Hi Nathan,
Just to add to Dileep's answer: the data is not encrypted, but merely Base64 encoded, meaning anyone could restore the binary data from looking at the encoded data.
Regards,
Benjamin
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!