Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
02-04-2015 06:30 AM
Hi Guys,
I can connect via serial and console port from CLI to Firewall. But when i am trying to set ip for management interface i'm getting the following error
Server error : system -> authentication-profile 'LDAP Authentication Profile' is
not a valid reference
Can anybody help me?
Thanks
Tigran
02-04-2015 06:41 AM
Hello ,
Please try the following command in configure mode to delete the authentication profile and assign ip-address to management interface.
>configure
#delete deviceconfig system authentication-profile
#set deviceconfig system ip-address <ip-address> default-gateway <gateway-address> netmask <net-mask>
#commit
Regards,
Hari Yadavalli
02-04-2015 06:41 AM
Hello ,
Please try the following command in configure mode to delete the authentication profile and assign ip-address to management interface.
>configure
#delete deviceconfig system authentication-profile
#set deviceconfig system ip-address <ip-address> default-gateway <gateway-address> netmask <net-mask>
#commit
Regards,
Hari Yadavalli
02-09-2015 05:06 PM
It sound like you had this firewall managed from Panorama and commit is failing.
When there's an invalid reference, you usually have objects in the candidate config pointing to other objects that are supposed to be created from Panorama. If the referred-to object is created locally, or if it didn't exist, you may get the "is not a valid reference" error.
What you can do is locate the object that is referencing the Panorama object and delete it.
If Panorama had connectivity to the device, a commit to Template and Device Group should resolve the issue.
You can explore the candidate config with commands:
> set cli config-output-format set
> configure
# show
... to see lines including references to 'LDAP Authentication Profile'
you could issue command:
# show | match "LDAP Auth"
Once the invalid references are cleared, you should be able to commit.
If you don't know how to delete them, please contact Palo Alto Networks Support.
02-09-2015 11:29 PM
Just export the config
Delete "LDAP Authentication Profile"
import the config and try to commit again.
02-10-2015 04:59 AM
The advice above will eliminate the commit error.
But the first task is to find out WHY LDAP was configured in the first place and make sure removing this configuration is the correct solution. If LDAP is supposed to be used then there are configuration mistakes made that have introduced this error and they should be investigated and repaired.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
