Firewall is stuck in maintenance mode on Azure

Firewall is stuck in maintenance mode on Azure

13320
Created On 03/18/20 08:40 AM - Last Modified 04/06/20 17:13 PM


Symptom


  • PA-VM is deployed in Azure and it boots up in MAINT mode, console access is needed to recover firewall from this state.
  • There are instances where PA-VM gets stuck in MAINT mode.
  • Console access is needed in order to recover the PA-VM from MAINT mode

Environment


  • Platform: PA-VM-300    
  • PAN-OS Version: 8.1.0 / -
  • Deployment: Azure    

Cause


  • Firewall can boot up in maintenance mode due to several reasons viz. multiple process crash, missing files from Linux root, etc.

Resolution


  • Follow below steps on Azure Portal to enable Boot Diagnostics and gain console access to the firewall instance to access Maintenance Recovery Tool (MRT) which would help understand the reason for this behavior and allow to perform possible recovery steps. (refer screenshots)

 Step 1: Azure Console > Resource Group > Click on VM > Click on Boot diagnostic

User-added image

 Step 2: Click on Settings > On > Select Storage Account > Save

User-added image

 Step 3: Azure Console > Resource Group > Click on VM > Serial console > This gives interactive console access

User-added image
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PP75CAG&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail