For details on cookie usage on our site, read our Privacy Policy
Gets "import -> network -> logical-router unexpected here" when push to device
- LIVEcommunity
- Discussions
- Network Security
- Panorama Discussions
- Gets "import -> network -> logical-router unexpected here" when push to device
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-26-2022 02:34 AM
Hi, I did a factory reset and upgraded my PA-220 to 9.1.12-h3. Installed device certificate and licenses. No interface, no policys, just a clean firewall. Connected successfully it to my Panorama 10.1.3-h31 and successfully made an import. When doing an export I get:
Validation Error:
import -> network -> logical-router unexpected here
import -> network is invalid
Commit failed
Have tried different approach but get the same results what ever I do. Deas anyone have an idea what to do?
Thanks
/Jan P.
Accepted Solutions
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-30-2022 11:56 PM
I had similar issue with my PA- 3260 in 9.1.11 and Panorama in 10.1.3-h1. I upgraded the firewall to 10.0.7 and the issue got fixed. Luckily the firewall was not production one. I was staging that.
- Mark as New
- Subscribe to RSS Feed
- Permalink
02-07-2022 04:38 AM
Hi all, I got an answer from TAC that it is a conflict between 9.1.x and 10.x with the new "<logical-router/>".
The workaround i got was:
> configure
# delete import network
# commit
So, first export(not push+commit), then the delete + commit. This did work for me.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-27-2022 05:32 AM
It seems to be related to this :
set import network logical-router
I'm on a PA-220 running 9.1.12-h3 and Panorama 10.1.3-h1
I had the exact same issue. I can remove that line and then push the config locally, but not from panorama.
I've been through the whole remove from Panorama, re-import to panorama and try to send device group and template again but I can't make it comply so I'm going to try to upgrade the 220 to 10.0.x
I have heard tell that it would better to downgrade panorama to 10.0.x but I can't do that for operational reasons.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-27-2022 05:52 AM
Thanks for your answer. I will try to remove that line and see if I got better luck, otherwice I guess an upgraded to 10.x.x is next step.
Please let me know if the upgrade solved the problem.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-30-2022 11:56 PM
I had similar issue with my PA- 3260 in 9.1.11 and Panorama in 10.1.3-h1. I upgraded the firewall to 10.0.7 and the issue got fixed. Luckily the firewall was not production one. I was staging that.
- Mark as New
- Subscribe to RSS Feed
- Permalink
01-31-2022 05:19 AM
I waiting for respons from support but to me it looks like it is that Panorana 10.1.3.x adding "<logical-router/>" to the template but the firewall does not recognize that line. But, we´ll see what they say when the come back to me.
- CPanGPADlg::OnTimer - about refresh configruation in GlobalProtect Discussions
- Error When Adding IP Address to Address Group via the XML API in Panorama Discussions
- GP Client and DUO 2F Very strange behavior in GlobalProtect Discussions
- Vcenter plugin, Notify Groups, Inherited address objects, and matching in VM-Series in the Private Cloud
- Panorama - Force Template Value Option in Panorama Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
