Server management cannot be restarted

cancel
Showing results for 
Search instead for 
Did you mean: 

Server management cannot be restarted

L1 Bithead

I cannot login to the web GUI, I receve error "Timed out while getting config lock. Please try again. ". I saw that it has to do with overloaded server managment plane so i tryed to restart it form CLI, ussing the comnad  "debug software restart process management-server". The problem is that i get the same error in CLI "Server error : Timed out while getting config lock. Please try again.". In jobs list I see that ther is a Wildfire job that is active for 2 days and its on 54 percent whole time so i tryed to clear it, but i get the same error. PAN-OS version is 7.1.5 and model is PA-500.

5 REPLIES 5

L7 Applicator

hi @Lutrija_Srbije

 

I can suggest you try rebooting the firewall to regain access, but for proper troubleshooting you should reach out to support through your support partner

Tom Piens
Like my answer? check out my book! https://bit.ly/MasteringPAN

First I have to put this command:

> request config-lock remove

and after that:

> debug software restart process management-server

 

If I just restart management plain it didn't help.

 

I hope it will helps to someone.

That just happened to me on version 9.0.12 on a PA-5220, got a support case but recommendation was to reboot the device.

Hi @AlexandroDelAngel ,

 

At the begining of the month we experiance the same on two of our firewalls running 9.0.11.

Our TAC support says that the problem is caused by EDL refresh job.

 

Issue: You reported issues with WebUI and SSH Access Issue. 

Yes, I have looked at the tech support file and I saw these, "mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.403 +0100 EDLRefresh job started processing. Dequeue time=2021/02/01 10:00:02 2021-02-01 10:00:02.777 +0100 EDL entry(0x7f49aed98000, 0x7f49f1450800, 0x7f49e6efc000 vsys1/Fab, 0, 1 ip) Entry not referenced by a rule
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.783 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info."

I saw that it matches a known issue, PAN-151808. EDL refresh job stuck when certificate profile used in the config for EDL server.

Target Fix Version/s: 9.1.8, 10.0.5.

 Note that this answer was provided at the begining of the month, back than bug ID PAN-151808 was not yet published publically. I can see it now in the addressed issues for the new 9.1.8, which was released yesterday.

 

Our support was not aware if this issue will be fixed in 9.0...

His only suggestion for workaround was to not use certificate profile for EDLs.

 

 

I am still not convinced that this is the actuall reason, because our firewalls are running 9.0.11 (upgraded from 9.0.9) since end of December. And we use EDL with cert profile for very long time. I was expecting to see such issue more often as our EDL refresh every hour.

On other hand we have two other firewalls also running 9.0.11, but they haven't experiance this issue and we don't use any EDL there...

Same issue is happening in my case, on a PA-3250 10.0.4.
I can see the same ELD errors, but I do not believe that this is related to the issue as I see them occurring in the past day prior to the incident as well.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!