Enable certificate authentication on Paloalto Firewall

Other than password based authentication, you can use certificate to authenticate admin user to Paloalto admin GUI. Here is how to enable certificate based authentication. Please be advised, after enabling certificate authentication you CANNOT authenticate with password to web GUI anymore. 01. Import root CAa) Navigate to Device>Certificate Management>Certificates>Importb) Give the root ca a name… Continue reading Enable certificate authentication on Paloalto Firewall

Install certificate on Paloalto Firewall for admin GUI https

01. Import your certificate to Paloalto Firewall. You can use either pfx(certificate and key in single file) format or pem(certificate and key in 2 different file) format. Option1(pfx format)Navigate to Device>Certificate Management>Certificates>Import Option2(pem format)*Paloalto only accept encrypted pem keyNavigate to Device>Certificate Management>Certificates>Import 02. Confirm the certificate has been imported successfully and the key column has… Continue reading Install certificate on Paloalto Firewall for admin GUI https

Formatting and loading FortiGate firmware image using TFTP

If you forget your admin password or your fortigate device does not boot. You might need to load firmware to your fortigate device, here is how to do it. For this to work, you need to have a console connection to the device. 01. Hit any key during the boot up sequence to enter configuration… Continue reading Formatting and loading FortiGate firmware image using TFTP

How to config CyberArk automatic unlock suspend account

By default, when a user is suspended/locked by CyberArk the system do not Auto Unlock the user. This post demonstrates how to config CyberArk to Auto Unlock the user. Please noted, manual unlock is recommended since CyberArk managed privilege accounts. 01. Change “UserLockoutPeriodInMinutes” value in dbparm.ini to your chose. If you change it to 10,… Continue reading How to config CyberArk automatic unlock suspend account

Paloalto firewall ssh authentication with public key

It’s common that administrator login to ssh server with key to avoid typing password all day. This post demonstrates how to config Paloalto firewall to use ssh key authentication. 01. Go to Device>Administrators, select the user name you want to add ssh key authentication. 02. Check “Use Public Key Authentication(SSH)” 03. Import your ssh public… Continue reading Paloalto firewall ssh authentication with public key

Factory Reset Palo Alto Firewall without admin password

This post demonstrate how to perform factory reset if you don’t have admin password. For this to work, you need a console connection to firewall. 01. Reboot firewall by unplug the power cable and then plug it back in. 02. From console output, select “PANOS (main-sysroot1)”. Please noted, this selection only show up around 5… Continue reading Factory Reset Palo Alto Firewall without admin password

Cisco Switch authentication with radius(AD NPS)

Step 1. login to Cisco switch with console cable and go into configuration mode Step 2. config authentication method to radius Step 3. Give your radius server a name Step 4. config radius server information Step 5. config radius pre-share key Step 6. Open Network Policy Server(NPS) Step 7. Add a new radius client Step… Continue reading Cisco Switch authentication with radius(AD NPS)