- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
Server management cannot be restarted
- LIVEcommunity
- Collaboration
- Discussions
- General Topics
- Server management cannot be restarted
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Server management cannot be restarted
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
10-13-2017 12:58 AM
I cannot login to the web GUI, I receve error "Timed out while getting config lock. Please try again. ". I saw that it has to do with overloaded server managment plane so i tryed to restart it form CLI, ussing the comnad "debug software restart process management-server". The problem is that i get the same error in CLI "Server error : Timed out while getting config lock. Please try again.". In jobs list I see that ther is a Wildfire job that is active for 2 days and its on 54 percent whole time so i tryed to clear it, but i get the same error. PAN-OS version is 7.1.5 and model is PA-500.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
10-13-2017 01:34 AM
I can suggest you try rebooting the firewall to regain access, but for proper troubleshooting you should reach out to support through your support partner
Like my answer? check out my book! https://bit.ly/MasteringPAN
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
11-04-2020 12:38 AM
First I have to put this command:
> request config-lock remove
and after that:
> debug software restart process management-server
If I just restart management plain it didn't help.
I hope it will helps to someone.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-11-2021 06:40 PM
That just happened to me on version 9.0.12 on a PA-5220, got a support case but recommendation was to reboot the device.
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-11-2021 11:51 PM
Hi @AlexandroDelAngel ,
At the begining of the month we experiance the same on two of our firewalls running 9.0.11.
Our TAC support says that the problem is caused by EDL refresh job.
Issue: You reported issues with WebUI and SSH Access Issue.
Yes, I have looked at the tech support file and I saw these, "mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.403 +0100 EDLRefresh job started processing. Dequeue time=2021/02/01 10:00:02 2021-02-01 10:00:02.777 +0100 EDL entry(0x7f49aed98000, 0x7f49f1450800, 0x7f49e6efc000 vsys1/Fab, 0, 1 ip) Entry not referenced by a rule
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.783 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info."
I saw that it matches a known issue, PAN-151808. EDL refresh job stuck when certificate profile used in the config for EDL server.
Target Fix Version/s: 9.1.8, 10.0.5.Note that this answer was provided at the begining of the month, back than bug ID PAN-151808 was not yet published publically. I can see it now in the addressed issues for the new 9.1.8, which was released yesterday.
Our support was not aware if this issue will be fixed in 9.0...
His only suggestion for workaround was to not use certificate profile for EDLs.
I am still not convinced that this is the actuall reason, because our firewalls are running 9.0.11 (upgraded from 9.0.9) since end of December. And we use EDL with cert profile for very long time. I was expecting to see such issue more often as our EDL refresh every hour.
On other hand we have two other firewalls also running 9.0.11, but they haven't experiance this issue and we don't use any EDL there...
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-23-2021 08:49 AM
Same issue is happening in my case, on a PA-3250 10.0.4.
I can see the same ELD errors, but I do not believe that this is related to the issue as I see them occurring in the past day prior to the incident as well.
- IBM Cloud - can't bind a public IP to any other interface except eth0 in VM-Series in the Public Cloud
- Virustotal false positive on AltDrag 1.44 software in VirusTotal
- pan-os-python SDK configure NGFW-VM HA issue in Automation/API Discussions
- Certificate Expiration Check- What it actually does in General Topics
- FIPS Enabled Panorama - Change Management IP in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
