'Invalid device' when trying to load a config backed up to Panorama

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

'Invalid device' when trying to load a config backed up to Panorama

Not applicable

Hi

I am managing several devices to 3 different Panorama appliances (3 physically separate networks)

I have configured all of the Firewalls  (running 5.0.4 and 5.0.6)  with their Panorama settings and can see them in Panorama/Managed Devices.  The details such as software version and Apps and threat version are showing so I know they are talking to Panorama, when I click on Manage Backups, I can see a list of committed configs so I am confident that the devices are backing up but I have a couple of issues.

1.  When I click on 'load' next to a committed configuration in the list of backups, I dont understand where that loads to? (the message just says its loaded) Is it the configuration showing in the context in Panorama for that particular device (so when I go to that context will the candidate configuration be the one I loaded?) or is it loded onto the actual device so if I log on locally will that be the candidate config?

2.  I have two devices (running 5.0.4 and 5.0.6) which when I click 'load', I get an error message saying that the device with that serial number is an 'invalid device'.  I dont understand this as the device is registered in Panorama and is backing up to it so how can it be invalid?

          The only difference I can see is that the devices in question do not use their management interfaces whereas all the devices that can load their backups do use their management interface.  These 2 devices which show as invalid do not have an IP address on the Managed Devices tab, even though they are showing other details such as software version etc (they are managed on their outside interface, not the dedicated management interface)

A little frustrated as the primary reason to buy Panorama was to backup palo altos and now I'm not convinced I'd be able to recover one from a backup!

regards

Mat

2 REPLIES 2

L3 Networker

Hello Mat,

To answer your first question: 1.  When I click on 'load' next to a committed configuration in the list of backups, I dont understand where that loads to? (the message just says its loaded) Is it the configuration showing in the context in Panorama for that particular device (so when I go to that context will the candidate configuration be the one I loaded?) or is it loaded onto the actual device so if I log on locally will that be the candidate config?

---> When one clicks on load in the back up config sub tab...the config gets loaded on the device...it is as good as loading that version of config locally on the firewall.

Regarding your second question:

I tried to replicate it with a dataplane interface being used to connect to Panorama just as you have it set up...but do not see the same issue on 5.4 and 5.0.6 devices, it would be ideal to open up a case with support to track this issue, because as long as the devices are connected one should be able to load the config with the 'backups' load option.

Hi Chatri

Thanks very much for looking into this for me, I'll see if I can get a case opened and will post the result back on this thread

Mat

  • 2815 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!