Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
When resetting the id-manager (idmgr) on the HA passive device,... - Knowledge Base - Palo Alto Networks

When resetting the id-manager (idmgr) on the HA passive device, does this affect the active device?

28076
Created On 03/27/19 02:10 AM - Last Modified 03/11/25 03:54 AM


Question


Applicable to the following commands for resetting the id-manager (idmgr): 
debug device-server reset id-manager type all
debug device-server reset id-manager type global-interface
debug device-server reset id-manager type global-rib-instance
debug device-server reset id-manager type global-tunnel
debug device-server reset id-manager type global-vlan
debug device-server reset id-manager type global-vlan-domain
debug device-server reset id-manager type global-vrouter
debug device-server reset id-manager type ike-gateway
debug device-server reset id-manager type nat-rule
debug device-server reset id-manager type pbf-rule
debug device-server reset id-manager type security-rule
debug device-server reset id-manager type shared-application
debug device-server reset id-manager type custom-url-filter
debug device-server reset id-manager type shared-gateway
debug device-server reset id-manager type shared-region
debug device-server reset id-manager type shared-custom-url-category
debug device-server reset id-manager type shared-edl-url-category
debug device-server reset id-manager type shared-header-insert-hosts
debug device-server reset id-manager type ssl-rule
debug device-server reset id-manager type tci-rule
debug device-server reset id-manager type vsys
debug device-server reset id-manager type vsys-application
debug device-server reset id-manager type vsys-custom-url-category
debug device-server reset id-manager type vsys-edl-url-category
debug device-server reset id-manager type vsys-header-insert-hosts
debug device-server reset id-manager type vsys-region
debug device-server reset id-manager type zone
debug device-server reset id-manager type http-header-insert-header-value

Environment


  • PAN-OS

Answer


No, it only effects the device that the reset command is performed on. It is also necessary to do a commit force to rebuild the idmgr table after running the reset command. 


Resetting the id-manager:

admin@PA> debug device-server reset id-manager type security-rule
security-rule ID manager is unset! Please commit the config again.

admin@PA> configure
Entering configuration mode

[edit]
admin@PA# commit force
Commit job 886 is in progress. Use Ctrl+C to return to command prompt
..........55%70%.98%..................100%
Configuration committed successfully


Other users also viewed:
How to download GlobalProtect from the Customer Support Portal
Download and Install the GlobalProtect App for Windows
Resource List: GlobalProtect Configuring and Troubleshooting
PAN-OS Software Updates
Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)
Results 1-5 of 238,436
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000boS5CAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail