can not find tid 40006, utid 0 in threat database
This warning message is bothering me, when i try to gather more information, it's find out that the Threat ID 40006 has been removed/disabled officially in PAN OS 9.0.2, while this threat-exception 40006 still being use in my profiles vulnerability, and we can't disable this threat-exception 40006 from web interface.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmpCAC
The solution :
Access to PAN device either from telnet or ssh and perform CLI configuration :
1. Edit profiles vulnerability which is using the threat-exception.
2. Delete parameter related to threat-exception 40006.
This is what i do ( SP8-IN is my profiles vulnerability, adjust this parameter to meet your configuration ) :
rizkymd@PAN3050> configure
Entering configuration mode
[edit]
rizkymd@PAN3050# edit profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006 action block-ip
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute interval 30
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute threshold 5
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute track-by source-and-destination
rizkymd@PAN3050# delete action
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# delete time-attribute
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# commit
Commit job 3365 is in progress. Use Ctrl+C to return to command prompt
...........55%..70%.98%.........100%
Configuration committed successfully
#PALOALTO #NEXTGENERATIONFIREWALL #PANOS #INDONESIA #rizkymd
No comments:
Post a Comment