Factory reset process on Palo Alto

1) Connect to the console and power off the firewall. When it starts to boot up, wait for the
autoboot prompt and enter maint
Autoboot to default partition in 5 seconds.
Enter maint to boot to maint partition.
INIT: version 2.86 booting
Welcome to PanOS
Setting clock (utc): Fri Jul 12 00:40:17 PDT 2013 [ OK ]
Starting udev: [ OK ]
Setting hostname PA-500: [ OK ]
Checking filesystems:
Running filesystem check on pancfg: [ OK ]
Running filesystem check on panrepo: [ OK ]
[ OK ]
Remounting root filesystem in read-write mode: [ OK ]
mount: cant find / in /etc/fstab or /etc/mtab
Enabling /etc/fstab swaps: [ OK ]
INIT: Entering runlevel: 3
Entering non-interactive startup
Starting Networking: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Starting portmap: [ OK ]
Starting NFS statd: [ OK ]
Starting panhttpd: [ OK ]
Starting sshd: [ OK ]
Starting ha-sshd: [ OK ]
Starting xinetd: [ OK ]
Starting ntpd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
Starting PAN Software: [ OK ]
2) Select Factory Reset option
Welcome to the Maintenance Recovery Tool
Welcome to maintenance mode. For support please contact Palo Alto
Networks.

866-898-9087 or support@paloaltonetworks.com
Welcome to the Maintenance Recovery Tool
Factory Reset
WARNING: Performing a factory reset will remove all logs and configuration.
Using Image:
(X) panos-4.1.6
< Factory Reset >
< Advanced >
3) Factory reset starts
(X) panos-4.1.6
Percent Complete
0%
Factory Reset Status
Factory Reset Status: Success
4) Reboot and login using admin admin
Bootstrapping [panos ] into partition sysroot0
Installing packages into /mnt/swm/sysroot0/
Installing: glibc-2.9-4.pan
Installing: zlib-1.2.3-3.pan
Installing: libgcc-4.3.3-4.pan
Installing: libstdc++-4.3.3-5.pan
Installing: popt-1.12-1.pan
Installing: chkconfig-1.3.30.1-2.pan
Installing: mktemp-1.5-23.2.2
Installing: bzip2-libs-1.0.3-3.pan
Installing: sed-4.1.5-5.pan
INIT: Sending processes the TERM signal
Stopping PAN Software: [ OK ]
Shutting down NFS mountd: [ OK ]

Shutting down NFS daemon: nfsd: last server has exited, flushing export cache
[ OK ]
Shutting down NFS services: [ OK ]
Stopping ha-sshd: [ OK ]
Stopping sshd: [ OK ]
Stopping xinetd: [ OK ]
Shutting down ntpd: [ OK ]
Stopping NFS statd: [ OK ]
Stopping portmap: [ OK ]
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Stopping Networking: SIOCGIFFLAGS: No such device
[ OK ]
Starting killall: [ OK ]
Sending all processes the TERM signal
Sending all processes the KILL signal
Saving random seed:
Syncing hardware clock to system time
Unmounting pipe file systems:
Unmounting file systems:
Please stand by while rebooting the system
sd 0:0:0:0: [sda] Synchronizing SCSI cache
Restarting system.
Welcome to the PanOS Bootloader.
U-Boot 4.1.6.0-7 (Build time: Apr 18 2012 22:20:45)
BIST check passed.
PEREGRINE board revision major:2, minor:1, serial #: 0006C112377
OCTEON CN5220-CP pass 2.0, Core clock: 500 MHz, DDR clock: 265 MHz (530 Mhz data rate)
DRAM: 1024 MB
Clearing DRAM.. done
Using default environment
Flash: 32 MB
PCIe: Port 0 link active, 1 lanes
Net: octeth0, octeth1, octeth2, octeth3
Bus 0 (CF Card): not available
ata0: SATA max UDMA/133: lba 48 mode
Model: WDC WD2503ABYX-01WERA1 Firm: 01.01S02 Ser#: WD-WMAYP4400518
Type: Hard Disk
Supports 48-bit addressing
Capacity: 239429.0 MB = 233.8 GB (490350672 x 512)

USB: (port 1) No USB devices found.

Autoboot to default partition in 5 seconds.
Enter maint to boot to maint partition.
Allocating memory for ELF segment: addr: 0xffffffff81100000 (adjusted to: 01100000), size
0x984d80
## Loading Linux kernel with entry point: 0xffffffff81105cd0
Bootloader: Done loading app on coremask: 03
Linux version 2.6.32.13-mp-4.1.6.0.7 (build@cobalt.paloaltonetworks.local) (gcc version 4.3.3
(Cavium Networks Version: 2_0_0 build 99) ) #2 SMP Wed Apr 18 23:09:37 PDT 2012
CVMSEG size: 2 cache lines (256 bytes)
Cavium Networks SDK-2.0
bootconsole [early0] enabled
CPU revision is: 000d0708 (Cavium Octeon+)
Checking for the multiply/shift bug no.
Checking for the daddiu bug no.
Determined physical RAM map:
memory: 0000000000046000 @ 00000000019da000 (usable after init)
memory: 0000000006400000 @ 0000000001b00000 (usable)
memory: 0000000007c00000 @ 0000000008200000 (usable)
memory: 0000000020000000 @ 0000000020000000 (usable)
memory: 000000000fc00000 @ 0000000410000000 (usable)
INIT: version 2.86 booting
Welcome to PanOS
Setting clock (utc): Fri Jul 12 00:47:25 PDT 2013 [ OK ]
Starting udev: [ OK ]
Setting hostname 500: [ OK ]
Checking filesystems:
Running filesystem check on sysroot0: [ OK ]
Running filesystem check on pancfg: [ OK ]
Running filesystem check on panrepo: [ OK ]
[ OK ]
Remounting root filesystem in read-write mode: [ OK ]
Enabling /etc/fstab swaps: [ OK ]
INIT: Entering runlevel: 3
Entering non-interactive startup
Starting Networking: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Starting portmap: [ OK ]
Starting NFS statd: [ OK ]

Starting sshd: [ OK ]
Starting ha-sshd: [ OK ]
Starting xinetd: [ OK ]
Starting ntpd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
Starting PAN Software: [ OK ]
500 login: admin
6) I couldnt get the default password correct several times dont know whybut finally it worked
Login incorrect
login: admin
Password:
Login incorrect
login: Login timed out after 60 seconds
PA-HDF login: admin
Password:
Login incorrect
login: Login timed out after 60 seconds
PA-HDF login: admin
Password:
Warning: Your device is still configured with the default admin account credentials. Please
change your password prior to deployment.
7) Enter configuration mode
admin@PA-500> configure
Entering configuration mode
[edit]
8) Set the devices management IP address
admin@PA-500# set deviceconfig system ip-address 10.2.232.3 netmask 255.255.255.0 defaultgateway 10.2.232.1 dns-setting servers primary 10.1.200.3 secondary 10.1.200.5

[edit]
admin@PA-500# commit
.55%75%98%.100%
Configuration committed successfully
[edit]
9) Confirm connectivity
admin@PA-500> ping host 10.2.232.1
PING 10.2.232.1 (10.2.232.1) 56(84) bytes of data.
64 bytes from 10.2.232.1: icmp_seq=1 ttl=255 time=0.505 ms
64 bytes from 10.2.232.1: icmp_seq=2 ttl=255 time=0.465 ms
64 bytes from 10.2.232.1: icmp_seq=3 ttl=255 time=0.475 ms
64 bytes from 10.2.232.1: icmp_seq=4 ttl=255 time=0.472 ms
64 bytes from 10.2.232.1: icmp_seq=5 ttl=255 time=0.470 ms
64 bytes from 10.2.232.1: icmp_seq=6 ttl=255 time=0.477 ms
64 bytes from 10.2.232.1: icmp_seq=7 ttl=255 time=0.518 ms
64 bytes from 10.2.232.1: icmp_seq=8 ttl=255 time=0.458 ms
^C
10.2.232.1 ping statistics
8 packets transmitted, 8 received, 0% packet loss, time 6995ms
rtt min/avg/max/mdev = 0.458/0.480/0.518/0.019 ms