This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Error pushing templates from PANORAMA to PA850 device

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error pushing templates from PANORAMA to PA850 device

Go to solution
weezy
L3 Networker

‎05-12-2025 06:58 PM

Hi All,

 

I'm pushing the templates and variables from our panorama to our new device. The variables are correct and I keep getting an error that says 

 

  • Validation Error:
  • . network -> ike -> gateway -> PA-PA-EUR-GW -> local-address -> ip 'x.x.x.x/30' is not a valid reference
  • . network -> ike -> gateway -> PA-PA-EUR-GW -> local-address -> ip is invalid
  • . Warning: No Valid Threat License
  • . Warning: Advance Routing mode is disabled , feature not supported
  • . Error: tunnel PA-PA-EUR: local interface ethernet1/1 has no IP address configured
  • . Error: tunnel configuration error
  • . (Module: device)
  • . client device phase 1 failure
  • . Commit failed

 

 

When I check the variables the IP is there and as per our SR Net Engr , I just had to keep repeating pushing it until it push completely. I've been trying this since yesterday but no luck. Does the license issue of PANORAMA can affect this?

 

Thank you for your answers.

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
PavelK
Cyber Elite
Cyber Elite

‎05-12-2025 10:02 PM

Hello @weezy

 

could you make sure that "Include Device and Network Templates" is selected when pushing configuration?

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

View solution in original post

0 Likes Likes
7 REPLIES 7

Go to solution
mshekh
L4 Transporter

‎05-12-2025 08:16 PM

Hi @weezy ,

 

As per error, it's related to configuration, I don't see any relation between license and this error. You can try with commit force once and check if commit force helps.



Best Regards,
Mohammad Talib
0 Likes Likes

Go to solution
PavelK
Cyber Elite
Cyber Elite

‎05-12-2025 10:02 PM

Hello @weezy

 

could you make sure that "Include Device and Network Templates" is selected when pushing configuration?

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

Go to solution
weezy
L3 Networker
In response to PavelK

‎05-12-2025 10:06 PM

//could you make sure that "Include Device and Network Templates" is selected when pushing configuration?//

 

its always selected as well as the force template push and didn't fix the issue

0 Likes Likes

Go to solution
weezy
L3 Networker
In response to mshekh

‎05-12-2025 10:07 PM

//could you make sure that "Include Device and Network Templates" is selected when pushing configuration?//

 

its always selected as well as the force template push and didn't fix the issue

 

I'm working now with PA TAC and they are having a hard time to fix it.

0 Likes Likes

Go to solution
PavelK
Cyber Elite
Cyber Elite

‎05-12-2025 11:11 PM

Hello @weezy

 

thank you for reply.

 

If TAC is already working on it, you are already in better hands, however only to share. For this kind of error, my next step would be looking into configd.log file (less mp-log configd.log). This file generally includes more details about error.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

Go to solution
weezy
L3 Networker
In response to PavelK

‎05-12-2025 11:13 PM

TAC didn't check the MPLOG but suggested to reset the FW instead.

0 Likes Likes

Go to solution
weezy
L3 Networker
In response to PavelK

‎05-19-2025 08:50 PM

This is fix now the PA TAC didn't install the AV and wildfire that is why we are getting an error "  destination 'panw-bulletproof-ip-list' is not an allowed keyword"

 

Our SR engr installed the update and then that fix the issue.

0 Likes Likes
  • 1 accepted solution
  • 865 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks