Errors pushing template to firewall -can't find interface in 'vr-private-trust' for next hop - - New Build

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Errors pushing template to firewall -can't find interface in 'vr-private-trust' for next hop - - New Build

L1 Bithead

Im having a hard time figuring this out, the interafces exist in the template, also exist in the vmseries firewalls themselves and I confirgured them to L3 on the firewalls...

 

 

2023-07-12 11:38:39.903 -0500 Error: pan_conn_mgr_callback_expiry_async(cs_conn.c:8788): connmgr: Expired Request. entry:1024, msgno=0 devid=007957000386926-log-collection-lr-cms0-def
2023-07-12 11:38:44.621 -0500 logbuffer: no active connection to cms0
2023-07-12 11:38:45.036 -0500 PUSH: received push-data : dgname: Transit-2-Zone, dname: 007957000386955, jobid: 142, result: error, validate only: no, has_warnings: yes, msg: <msg cmd="push-data" dname="007957000386955" dgname="Transit-2-Zone" tplname="Transit" jobid="142" result="error">
<errors>
<line>can't find interface in 'vr-private-trust' for next hop 10.X.X.X(Module: routed)</line>
<line>client routed phase 1 failure</line>
<line>Commit failed</line>
</errors>
<warnings> </warnings>
<app-warn/>
<shadow-warn/>
</msg>2023-07-12 11:38:45.037 -0500 Template update device status - tplname: Transit, dname: 007957000386955, jobid: 142, result: error, validate only: no, has_warnings: yes, msg: <msg cmd="push-data" dname="007957000386955" dgname="Transit-2-Zone" tplname="Transit" jobid="142" result="error">
<errors>
<line>can't find interface in 'vr-private-trust' for next hop 10.X.X.X(Module: routed)</line>
<line>client routed phase 1 failure</line>
<line>Commit failed</line>
</errors>
<warnings> </warnings>
<app-warn/>
<shadow-warn/>

1 REPLY 1

Cyber Elite
Cyber Elite

Hello @MKurowksi

 

thanks for posting.

 

This one looks like tough to troubleshoot.

 

What I would do is following to isolate the issue:

- Delete all the configuration in Template and add configuration one by one and push each added configuration to the Firewall until I either succussed or hit the issue at what point I would know what step exactly caused it.

- Push all Template configuration first before pushing Device Group configuration. Do not combine Device Group and Template Stack configuration in one push.

-  Go to Template you are having issue with, then navigate to Interfaces, then navigate to the interface that belongs to VR: vr-private-trust and click on drop down list, then click on "Global Find" to check whether this interface is really reference in all mandatory configuration sections.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
  • 1476 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!