Saturday, July 9, 2022

Palo Alto firewall - How to kill admin login sessions?


This article describes how to disconnect admin sessions logged in through web or ssh on the Palo Alto Networks firewall.
 

Step 1. Check the connected admin sessions.

show admins

admin@pa220> show admins

  Admin                           From   Client Session-start   Idle-for    Session-expiry
----------------------------------------------------------------------
  admin                    192.168.1.7      Web 11/15 12:13:10  00:01:56s  12/15 12:13:10
  admin2                     192.168.1.8      Web 11/15 12:12:28  00:02:38s  12/15 12:12:28
  admin                    192.168.1.7      Web 11/15 12:12:16  00:02:50s  12/15 12:12:16
  admin2                     192.168.1.8      Web 11/15 12:13:27  00:01:39s  12/15 12:13:27
* admin                    192.168.1.7      CLI 11/15 12:13:42  00:00:00s  12/15 12:13:42
  admin                    192.168.1.7      Web 11/15 12:12:50  00:02:16s  12/15 12:12:50

Step 2. Kill an admin session.

delete admin-sessions username admin2

admin@pa220> delete admin-sessions username admin2

admin2 administrative session deleted

NOTE:
delete admin-sessions’ will be deleting all admin sessions.

There is no way to terminate the admin sessions from the GUI.


Links

Palo Alto firewall


No comments: