Panorama to Managed Firewall Commit Error: '<url-category>' is not a valid reference.

Panorama to Managed Firewall Commit Error: '<url-category>' is not a valid reference.

17084
Created On 09/26/18 13:55 PM - Last Modified 06/07/23 17:41 PM


Symptom


Panorama to managed firewall commit produces the following error: '<url-category>' is not a valid reference."

Environment


  • NGFW
  • Panorama

Cause


The value of '<url-category>' is a valid URL category for BrightCloud but invalid for PAN-DB. The issue occurs because Panorama is on BrightCloud while the managed firewall is on PAN-DB. For example, the category "Bot Nets" is valid for BrightCloud but not for PAN-DB.

Resolution


Resolution

Panorama supports an environment where all of its managed firewalls are either on BrightCloud or PAN-DB. Panorama does not support a mixed BrightCloud and PAN-DB environment. The resolution is to either set Panorama and its managed firewalls to the same URL Filtering database (BrightCloud or PAN-DB).

 

To view what the database is currently running on the firewall/panorama, use the following command:

> show system setting url-database

 

To change the database on the firewall/Panorama, use the following command:

> set system setting url-database <value>

<value> is either "brightcloud" or "paloaltonetworks"

Note: An auto-commit will trigger after execution.

 

See Also

BrightCloud to PAN-DB Category Mapping

Does Panorama Support a Mixed BrightCloud and PAN-DB Environment?

 

owner: hshah
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm1M&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language