Swapping the Management Interface causes the Firewall to boot in the Maintenance Mode

Swapping the Management Interface causes the Firewall to boot in the Maintenance Mode

8979
Created On 03/15/21 09:19 AM - Last Modified 07/30/25 20:19 PM


Symptom


  • The firewall gets stuck in a boot loop before going to the maintenance mode.
  • A management interface swap was initiated from the PAN-OS CLI.

Environment

Cause


  • The firewall is configured with a static IP address for ethernet1/1.
  • This is not supported if the interface swap is required between the management interface and ethernet1/1.

Resolution


  1. If the interface swap is needed on the PA-VM, perform the following steps to ensure that the firewall remains operational:
    1. Ensure that ethernet1/1 is configured as a DHCP client.
    2. Perform the interface swap using the below command from the CLI: 
      set system setting mgmt-interface-swap enable yes
    3. Reboot the firewall to enforce the interface swap.
    4. When the firewall comes up, change the IP of ethernet1/1 to static configuration if desired.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001UmLCAU&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language