05-28-2019 07:42 AM - edited 05-28-2019 07:43 AM
Recently upgrade panorama to 8.0.17 and after it upgraded it got hung, so we had to reboot it to get it back. Once it was back it is no longer allowing local auth. Remote auth works via the GUI (thankfully). Neither local or remote auth works via cli (console doesn't work either).
SSH using LDAP I get this message:
Received disconnect from 10.12.99.100 port 22:2: Too many authentication failures for<ldap_user>
When using local auth via GUI I see this in the logs:
'failed authentication for user \'admin\'. Reason: Authentication profile not found for the user
When using local auth via CLI it just keeps asking for the password even though I know its right.
I read 2 articles, 1 about PAN running FSCK after a reboot but it shouldn't take nearly a week to do that (upgraded it last week). And another article about rebuilding the user database but I can't login via CLI to do that. Remote console doesn't show anything, like it won't display anything.
Has anyone see this before?
05-28-2019 02:36 PM
I'd just go straight to support with something like this so they can view the logs and see what the debug info is actually stating. It kind of sounds like the upgrade might have effected a few files in an adverse way however.
05-29-2019 07:54 AM
I did that and they weren't able to figure it out. Asked me to reboot it again to see if it clears whatever the problem is. Will probably do that sometime today.
05-08-2020 07:34 AM
@drewdown How did you resolve this, i am in the same situation
05-08-2020 08:07 AM
IIRC at first I think they had us downgrade and re-upgrade but in the end we had to RMA the panorama box and that turned into a entire different mess. I would hope no one has to go through that because it seemed PA had no idea how to do it without causing interruptions.
05-11-2020 10:43 AM
For us we had to reboot firewall
08-11-2021 12:18 PM
I'm seeing the same thing on a newly installed m-600. I can login to the GUI using admin, but I get the "too many failures" thing trying SSH from the same box. There are no errors in the system or auth logs to document this. And another user is able to SSH from his machine using the admin account. The box is on 9.1.10. Really annoying.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
