SSH protocol seen as "SSH-2.0-PaloAltoNetworks_0.2"

SSH protocol seen as "SSH-2.0-PaloAltoNetworks_0.2"

8450
Created On 08/09/19 22:38 PM - Last Modified 06/02/23 19:40 PM


Symptom


You may be troubleshooting issues with SSH and noticed SSH protocol reported as  "SSH-2.0-PaloAltoNetworks_0.2" 
 

Cause


This can appear when decryption is applied for SSH proxy.

If you don't intend for this traffic to be decrypted, an exception should be configured: https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/decryption/decryption-exceptions

If you do intend for the traffic to be decrypted, be sure that the client, server, and decryption configuration are configured for to negotiate compatible cipher suites.

Additionally, if this is actually an SSH tunnel (instead of a typical SSH shell session), please note that SSH tunneled traffic is blocked and restricted according to the profiles configured on the firewall. Traffic is re-encrypted as it exits the firewall. More details @ https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/decryption/configure-ssh-proxy.html


 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PMZVCA4&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail