Add Firewall account

Add Firewall Accounts

Palo Alto Networks firewall comes preconfigured with a default administrative account (admin), which provides full read-write access (also known as superuser access) to the firewall.

1-Create Admin Role Profiles

The way you configure administrator accounts depends on the security requirements within your organization,

Since we are in a lab environment, I will show you how to create a local administrator account with local authentication.

Please look at PaloAlto web site for more information regarding “Administrative Roles” and “Administrative Authentication”

Select Device > Admin Roles and then click Add.


Enter a Name for the profile and on the Web UI and/or XML API tabs, set the access levels


On the Command Line tab, specify the type of access to allow to the CLI: superreader, deviceadmin, or devicereader


Then click OK to save the role.


2-Create account for each administrator

Select Device > Administrators and then click Add.


  1. Enter a user Name and Password for the administrator.
  2. Select the Role to assign to this administrator. You can either select one of the predefined “Dynamic roles” or “Role based” (a custom Role)




Click OK to save the account.


Note:  in a separate post I will go through “Password Profile” creating steps.

Click Commit to commit your changes.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s