Setting a Palo Alto Firewall Management IP Address via the Console using the CLI

So you want to access the Palo Alto Firewall via a console cable…Well this is how you can do just that!

Plug the RJ45 console cable into the Palo Alto Firewall and in to you PC or laptop. Find your COM port number via device manager if using Windows. If using Linux take a look at this on

Use Putty  or any other  terminal emulatorserial console  application and configure the software to use the the below settings and to access the Palo Alto Firewall.

Putty (serial)

















Log in using the default username and password: admin/admin

One you have access to the command line (CLI) issue these commands to set the ip address , default-gateway and DNS server settings as per screenshot below.

Palo CLI

After the configuration  has been committed you should be able to access the Palo Alto  via its dedicated out-of-band MGT interface ip using SSH for CLI access or browse via https for the WebUI. 

The MGT interface will only pass management traffic and can not be configured as a standard data interface. Hardware firewalls use the default out the box, you can also configure the  MGT interface to use DHCP.

For Virtual firewalls the MGT interface is set to DHCP as default.

If you are using a Virtual Palo Alto within a hypervisor like myself  you would access the CLI from console instead of physically plugging into the Palo Alto firewall. Use the same commands above to set the management ip and default-gateway above.

Palo Alto GUI Login
















Share and Enjoy:
  • Facebook
  • Google Bookmarks
  • Digg
  • email
  • LinkedIn
  • Live

Leave a Reply