Reset Palo Alto PA-500 Firewall

Default serial console settings for Palo Alto Networks PA-500:

  • Bits per second: 9600
  • Data bits: 8
  • Parity: None
  • Stop bits: 1
  • Flow Control: None

Works great in PuTTy, just set connection type as seen below.

  1. Connect the Console cable, which is provided by Palo Alto Networks, from the “Console” port to a computer, and use the PuTTy Configuration above to connect to the Palo Alto Networks device.
  2. Power on your PA-500 once the terminal is configured as above and putty is open.
  3. During the boot sequence, the screen should look like this:
  4. Type maint to enter maintenance mode.
  5. PAN-OS 7.1: When performing this on PAN-OS 7.1, you will see a “CHOOSE PANOS” screen below. Please choose PANOS (maint). Press enter to continue.
  6. Once in maintenance mode, the following is displayed, please press enter to Continue:
  7. Arrow down to Factory Reset and press Enter to display the menu:
  8. You will see the Image that will be used to perform the factory reset. Select Factory Reset and press Enter again:
  9. The unit will reboot when complete. Please be aware that it may take several minutes (Typically 5-10) before the auto-commit completes and allows the admin/admin login to work properly.
  10. After a factory reset, the CLI console prompt transitions through following prompts on a PA-500 before it is ready to accept admin/admin login:
    1.  500 login
    2.  PA-HDF login
    3.  PA-500 login: It is at prompt #3 (need to hit enter to check if the prompt changed), that the device is ready to accept the admin/admin username/password to allow login.
Did you find this article useful? Why not share it with your friends?

Leave a Reply

Your email address will not be published. Required fields are marked *