10-13-2017 12:58 AM
I cannot login to the web GUI, I receve error "Timed out while getting config lock. Please try again. ". I saw that it has to do with overloaded server managment plane so i tryed to restart it form CLI, ussing the comnad "debug software restart process management-server". The problem is that i get the same error in CLI "Server error : Timed out while getting config lock. Please try again.". In jobs list I see that ther is a Wildfire job that is active for 2 days and its on 54 percent whole time so i tryed to clear it, but i get the same error. PAN-OS version is 7.1.5 and model is PA-500.
10-13-2017 01:34 AM
I can suggest you try rebooting the firewall to regain access, but for proper troubleshooting you should reach out to support through your support partner
11-04-2020 12:38 AM
First I have to put this command:
> request config-lock remove
and after that:
> debug software restart process management-server
If I just restart management plain it didn't help.
I hope it will helps to someone.
02-11-2021 06:40 PM
That just happened to me on version 9.0.12 on a PA-5220, got a support case but recommendation was to reboot the device.
02-11-2021 11:51 PM
Hi @AlexandroDelAngel ,
At the begining of the month we experiance the same on two of our firewalls running 9.0.11.
Our TAC support says that the problem is caused by EDL refresh job.
Issue: You reported issues with WebUI and SSH Access Issue.
Yes, I have looked at the tech support file and I saw these, "mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.403 +0100 EDLRefresh job started processing. Dequeue time=2021/02/01 10:00:02 2021-02-01 10:00:02.777 +0100 EDL entry(0x7f49aed98000, 0x7f49f1450800, 0x7f49e6efc000 vsys1/Fab, 0, 1 ip) Entry not referenced by a rule
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.781 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info
mp ms.log 2021-02-01 10:00:02 2021-02-01 10:00:02.783 +0100 Error: pan_ebl_set_curl_proxy_info(pan_cfg_ebl.c:5930): failed to get proxy info."
I saw that it matches a known issue, PAN-151808. EDL refresh job stuck when certificate profile used in the config for EDL server.
Target Fix Version/s: 9.1.8, 10.0.5.Note that this answer was provided at the begining of the month, back than bug ID PAN-151808 was not yet published publically. I can see it now in the addressed issues for the new 9.1.8, which was released yesterday.
Our support was not aware if this issue will be fixed in 9.0...
His only suggestion for workaround was to not use certificate profile for EDLs.
I am still not convinced that this is the actuall reason, because our firewalls are running 9.0.11 (upgraded from 9.0.9) since end of December. And we use EDL with cert profile for very long time. I was expecting to see such issue more often as our EDL refresh every hour.
On other hand we have two other firewalls also running 9.0.11, but they haven't experiance this issue and we don't use any EDL there...
03-23-2021 08:49 AM
Same issue is happening in my case, on a PA-3250 10.0.4.
I can see the same ELD errors, but I do not believe that this is related to the issue as I see them occurring in the past day prior to the incident as well.
07-14-2021 03:23 AM
Hi,
Do you have any Kb article for this issue.
08-31-2021 09:51 AM
Same issue on our PA5280 running v9.1.8. Cannot get "commit lock" - even though there are no other commit locks. Cannot do either of these commands, as it says "Timed out while getting config lock. Please try again."
> request config-lock remove
> debug software restart process management-server
There is a WF job hung at 54% for over an hour.
Seems the only way to clear this is to reboot the whole box.
Any other thoughts? Ideas?
Thanks,
John L.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
