Unable to SSH to Palo Alto Networks Device With SSH v2

Created On 09/25/18 19:49 PM - Last Modified 06/08/23 00:53 AM


Issue

Unable to connect over SSHv2 to any Layer 3 interface on a Palo Alto Networks device, even if the Management Profile is configured to allow SSH access.

Cause

The issue may be caused by having Vulnerability Protection enabled with the "Block" action in a Security Policy. To confirm, go to Monitor > Logs > Threat. Look for "SSH2 Login Attempt" in the Threat log. The Threat ID is 31914.

Resolution

To resolve the issue, add an exception for Threat 31914.

  1. Navigate to Objects > Security Profiles > Vulnerability Protection.
  2. Add an exception to the Vulnerability Protection Profile by clicking the Exceptions tab and entering "( id eq '31914' )".
  3. Click the checkbox for "Show all signatures".
  4. Once the threat is displayed, check the checkbox to enable it.
  5. Commit the changes.

owner: ymiyashita


