Panorama Device Push Fails

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Panorama Device Push Fails

L1 Bithead

I am unable to push new configurations to our connected firewalls. It seems to be related to the addition of RADIUS administrators. I can log in with the local admin but even that user can't force the changes through. 

Here is an example of  the error I am getting. Now, I noticed an issue where my auth profile was listed in panorama as shared in the template, but if you want to the firewall instance it wasn't seen. I tried creating it manually there, but no dice. Now I am stuck not able to commit these pending changes and can't see to remove them to even try to fix the problem. If I could clear what is in the push to devices queue so users can use local accounts for now, that would help.

 

  • . Validation Error:
  • . mgt-config -> users -> radiusadmin -> authentication-profile 'RADIUS with DUO' is not a valid reference
  • . mgt-config -> users -> radiusadmin -> authentication-profile is invalid
  • . Commit failed
2 REPLIES 2

L2 Linker

Hi, you can to send device state directly without any commit from Panorama.

Panorama > Setup > Operations > Export or push device config bundle > (select device and OK) > Export 

 

After that load device state from firewall's CLI.

I actually solved this with support due to lack of timely response here. Now I was looking at the issues addressed in the 10.2 firmware and I found this which I suspect might have been my issue.

 

PAN-194782
Fixed an issue on Panorama where, if you added a new local or non-local administrator account or an admin user to a template, authentication profiles were incorrectly referenced.

 

Going to attempt applying the update next week and then adding my user back to the profile.

  • 3121 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!