Recently upgrade panorama to 8.0.17 and after it upgraded it got hung, so we had to reboot it to get it back. Once it was back it is no longer allowing local auth. Remote auth works via the GUI (thankfully). Neither local or remote auth works via cli (console doesn't work either).
SSH using LDAP I get this message:
Received disconnect from 10.12.99.100 port 22:2: Too many authentication failures for<ldap_user>
When using local auth via GUI I see this in the logs:
'failed authentication for user \'admin\'. Reason: Authentication profile not found for the user
When using local auth via CLI it just keeps asking for the password even though I know its right.
I read 2 articles, 1 about PAN running FSCK after a reboot but it shouldn't take nearly a week to do that (upgraded it last week). And another article about rebuilding the user database but I can't login via CLI to do that. Remote console doesn't show anything, like it won't display anything.
Has anyone see this before?
I'm seeing the same thing on a newly installed m-600. I can login to the GUI using admin, but I get the "too many failures" thing trying SSH from the same box. There are no errors in the system or auth logs to document this. And another user is able to SSH from his machine using the admin account. The box is on 9.1.10. Really annoying.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!