: Troubleshoot Commit Failures
Focus
Focus

Troubleshoot Commit Failures

Table of Contents

Troubleshoot Commit Failures

This text provides troubleshooting steps for commit and push failures on Panorama, including resolving Panorama commit issues and Panorama push issues. It also provides guidance on triaging commit issues and troubleshooting template or device group push failures, as well as Panorama push failures due to pending local firewall changes.
If commit or push operation failures occur on Panorama, check for the following conditions. Review the troubleshooting steps to resolve your commit failures.
Symptom
Condition
Resolution
Panorama Commit Issues
Panorama commit lock does not release after a commit success.
Select
Panorama
Setup
Management
and edit the General Settings to disable
Automatically Acquire Commit Lock
and
Commit
.
Panorama commit fails due to the following error:
Configured dailytrsum quota of 27 MB is less than the minimum needed 32 MB
.
Select
Panorama
Setup
Management
and edit the Logging And Reporting settings.
Increase the
Quota %
value for the Daily Traffic Summary, Daily Threat Summary, Weekly Traffic Summary, and Weekly Threat Summary log storage to a value greater than 35 MB. Alternatively, you can
Restore Defaults
.
Panorama Push Issues
The Panorama management server has an earlier software version than the Dedicated Log Collectors or firewalls that it manages.
Upgrade the Panorama management server to the same or a higher software version than the managed firewalls, Log Collectors, and WildFire appliances and appliance clusters. For details, see Panorama, Log Collector, Firewall, and WildFire Version Compatibility.
The ability to receive template and device groups configuration changes from Panorama is disabled on the firewall.
Access the firewall web interface, select
Device
Setup
, edit the Panorama Settings, and then click
Enable Device and Network Template
and
Enable Panorama Policy and Objects
.
Configuration push from Panorama to managed firewalls fail due to the device registration authentication key issues.
Reset the secure connection state on the managed firewall experiencing push issues if:
  • A managed device disconnects from Panorama without reason and is not able to reconnect.
  • You transitioned firewall management from Panorama running PAN-OS 10.1 or later release to a different Panorama running PAN-OS 10.1 or later release.
  • You reset Panorama or the managed firewall to factory default settings and managed firewalls are unable reconnect.
Configuration push from Panorama fails due to local configuration changes pending on the firewall.
When you
Push to Devices
or
Commit to Panorama
from Panorama,
Edit Selections
and disable
Merge with Device Candidate Config
.

Recommended For You