11-29-2021 01:56 PM
I cannot commit changes on a PA-850 running 10.1.3
The error message shows below. What is the cause of this error?
Failure parsing config response (Module: dhcpd)
client dhcpd phase 1 failure
Duplicate certificate subject found
Warning: tunnel tunnel.2 ipv6 is not enabled. IPv6 address will be ignored!
11-29-2021 03:09 PM
Why don't you check the logs with 'less mp-log ms.log' via CLI?
The error is related to DHCP configurations.
11-29-2021 03:11 PM
Thank you for the post @LCMember2099
Could you try to restart DHCP or management process to see this error goes away?
debug software restart process dhcp
debug software restart process management-server
If this does not resolve the issue, could you have a look into logs: tail lines 100 mp-log pan_dhcpd.log
Was there any change prior to this issue?
11-29-2021 05:17 PM
Hi @LCMember2099 ,
Ensure the subnet of the DHCP pool matches the interface IP address to which the pool is configured.
PS Delete the unused cert with the duplicate CN and enable IPv6 under tunnel.2 to get rid of your 2 warnings. You do not need to supply an IPv6 address. Just check the box.
12-01-2021 06:57 PM
One of the interface originally had DHCP enabled. We added the DHCP config back and was able to commit. We then deleted the DHCP config and was still able to commit. Weird.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!