Firewall lost management IP and netmask after upgrading to version 10.2.x

Firewall lost management IP and netmask after upgrading to version 10.2.x

4945
Created On 04/05/24 08:12 AM - Last Modified 04/19/24 09:16 AM


Symptom


Firewall lost management IP and netmask after upgrading to version 10.2.x.

> show system info
hostname: pavm
ip-address: unknown
netmask: unknown
 

Environment


PANOS-10.2.7-hx, PA-VM-FLEX

Cause


After 10.2 PAN-OS release, it will disallow any incorrect management ip/subnet values.

For example: 
ip-address: 192.168.123.1
netmask: 255.225.255.128 <-- note the second octet is wrong (should be 255)

In versions prior to 10.2, if you do a 'show system info' command with the wrong subnet configured, it will auto-correct the output and show you the corrected subnet which can be misleading.

> show system info
hostname: pavm
ip-address: 192.168.123.1
netmask: 255.255.255.128

To see what is actually configured, you would need to go into the GUI or CLI.

mgmt.ip.png

> set cli config-output-format set
> configure
# show  | match 'deviceconfig system'
set deviceconfig system ip-address 10.194.41.210
set deviceconfig system netmask 255.225.252.0
 

Resolution


Correct the invalid management ip/subnet configuration before upgrading to version 10.2.x.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OcDCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language