Panorama commit fails with error "target -> devices -> 00 '00' is not a valid reference"

Panorama commit fails with error "target -> devices -> 00 '00' is not a valid reference"

4891
Created On 11/03/23 23:48 PM - Last Modified 11/04/23 02:38 AM


Symptom


  • Managed firewall is being removed from Panorama.
  • After removal, the commit on Panorama fails with error.
  • Error message "target -> devices -> 00 '00' is not a valid reference" is displayed.
  • An example of such error below 
    Validation Error:
devices -> localhost.localdomain -> device-group -> DG-1 -> post-rulebase -> security -> rules -> Rule1 -> target -> devices -> 0 '0' is not a valid reference


Environment


  • Panorama with managed Firewalls
  • PAN-OS 9.1 and higher
  • Security Policy

Cause


Some of the security rules still have references for the firewall under the target tab.

Resolution


Perform the following steps on Panorama GUI:
  1. Do a global search on Panorama for the serial number of firewall being removed (Right side top).
  2. Note down the Security rules on which the firewall is referenced.
  3. Select the Device Group > Policies and open the first noted rule.
  4. Select the target tab.
  5. Uncheck the firewall being removed.
  6. Repeat the process for the other noted rules.
  7. Commit the changes. The commit should be successful.

Additional Information


In case the firewall is already unchecked, select and unselect the same firewall again followed by Commit.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008Vl3CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language