Panorama | Unable to add subinterface

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Panorama | Unable to add subinterface

L4 Transporter

iam facing below error while adding new sub-interface to our firewall – managed by panorama

 

 

Joshan_Lakhani_1-1583227839202.jpeg

 

2 accepted solutions

Accepted Solutions

Cyber Elite
Cyber Elite

@Joshan_Lakhani,

 

Try deleting the interface, push the config, re-create the interface, push template again.

 

Mayur

M

View solution in original post

i am also having this issue but i do not understand these instructions, can you please elaborate on them?


"Remove Panorama Settings (IP address and Don’t import anything)
Click OK
Edit it again and enable both Policy and Device objects.
Click OK
From Panorama, commit Device Group (including the new sub-interface)."

View solution in original post

8 REPLIES 8

Cyber Elite
Cyber Elite

@Joshan_Lakhani,

 

Try deleting the interface, push the config, re-create the interface, push template again.

 

Mayur

M

subinterface  will show in firewall but not show at panorama.

@Joshan_LakhaniIs sub-interface configuration done locally on gateway? I am just curious how configuration is pushed on gateway.

 

Mayur

M

My Panorama Version is 8.1.7 i went to say when i create sub interface or zone  on panorama and import to firewall it generate this error

@Joshan_LakhaniHave you tried to delete config on Panorama, pushed config and then reconfigure same.

 

Also look over here - https://live.paloaltonetworks.com/t5/General-Topics/Reference-not-valid-Panorama/td-p/116085

 

Mayur

M

i have delete the subinterface from panorama and pushed the template and again reconfigure the interface but issue still same. Can you please tell me is there any bug in 8.1.7 b/c iam not able to see other Firewalls sub interface  on panorama 

i am also having this issue but i do not understand these instructions, can you please elaborate on them?


"Remove Panorama Settings (IP address and Don’t import anything)
Click OK
Edit it again and enable both Policy and Device objects.
Click OK
From Panorama, commit Device Group (including the new sub-interface)."

just for clarity the fix was to mirror the exact changes you make on panorama on the local firewall. so basically you push the same config you make twice, once each device. then they match up and you get a green sync again. it may be possible to get this to work from Panorama with the "push to devices" or "push to all" but i did not have any luck. Logging into the local firewall, making the changes, committing, the doing the same config again on panorama and committing did fix it.

  • 2 accepted solutions
  • 7124 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!