IP address, netmask and default gateway appear as unknown on a ZTP device

IP address, netmask and default gateway appear as unknown on a ZTP device

22330
Created On 10/21/22 14:57 PM - Last Modified 05/12/23 03:13 AM


Symptom


  • ">show system info" displays the IP address, Netmask, and default gateway as unknown on a ZTP device: 
    > show system info

hostname: ZTP-Firewall
ip-address: unknown
default-gateway: unknown
netmask: unknown
ip-assignment: dhcp
ipv6-address: unknown
ipv6-link-local-address: unknown
ipv6-default-gateway: 
mac-address: unknown
time: Thu Sep 15 16:16:21 2022
uptime: 1 days, 7:18:17
family: 400
model: PA-440
cloud-mode: non-cloud
sw-version: 10.2.2-h2
global-protect-client-package-version: 0.0.0
device-dictionary-version: 57-348
device-dictionary-release-date: 2022/09/02 07:22:54 CEST
app-version: 8617-7553
app-release-date: 2022/09/08 03:25:11 CEST
av-version: 4207-4720
av-release-date: 2022/09/15 13:04:38 CEST
threat-version: 8617-7553
threat-release-date: 2022/09/08 03:25:11 CEST
wf-private-version: 0
wf-private-release-date: unknown
url-db: paloaltonetworks
wildfire-version: 699021-702368
wildfire-release-date: 2022/09/15 16:12:09 CEST
wildfire-rt: Enabled
url-filtering-version: 20220915.20217
global-protect-datafile-version: unknown
global-protect-datafile-release-date: unknown
global-protect-clientless-vpn-version: 0
global-protect-clientless-vpn-release-date: 
logdb-version: 10.2.0
dlp: dlp-3.0.1-c9
platform-family: 400
vpn-disable-mode: off
multi-vsys: off
zero-touch-provisioning: Enabled
operational-mode: normal
advanced-routing: off
device-certificate-status: Valid
  • GUI: Dashboard > General Information:
gui_unknown.png
  • Management Interface information shows the correct settings: 
    > show interface management


-------------------------------------------------------------------------------
Name: Management Interface
Link status:
  Runtime link speed/duplex/state: 1000/full/up
  Configured link speed/duplex/state: auto/auto/auto 
MAC address:
  Port MAC address 8c:36:7a:20:3a:5c 

Ip address: 192.168.1.2
Netmask: 255.255.255.0
Default gateway: 192.168.1.1
  • No configurations are applied for the ethernet 1/1 interface.

Environment


  • Any Palo Alto Networks firewall in ZTP (Zero Touch Provisioning) mode
  • Supported PAN-OS

Cause


  • The unknown value appears on that option because ZTP Firewalls use ethernet1/1 for management.
  • 'show system info' will display the data which is configured on ethernet1/1.

Resolution


  1. Configure ethernet1/1 interface settings; the values will be reflected as MGT addresses on the CLI and GUI.
OR
  1. Disable ZTP mode. Refer  Using CLI for ZTP tasks
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kEf6CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language