SDWAN Firewalls with Prisma Access - push to firewall failed with error "Failed to autogenerated"

SDWAN Firewalls with Prisma Access - push to firewall failed with error "Failed to autogenerated"

1724
Created On 07/11/24 06:44 AM - Last Modified 03/28/25 03:17 AM


Symptom


  • Error message "Failed to create prisma access configuration: Error occurred in one of the multi set request"
    Failed to create prisma access configuration: Error occurred in one of the multi set request 

Environment


  • Panorama
  • Plugin SDWAN 
  • Prisma Access Hub

Cause


Missing Local-ID will cause this issue.

Resolution


Option1:

  1. Record the serial number of the branch firewalls. GUI:Panorama > Managed Devices > Summary
  2. Delete the associated remote network onboarding configuration from the Cloud Services plugin and Commit the change to Panorama.
    • This can be done under GUI:Panorama > Cloud Services > Configuration > Remote Networks > Onboarding 
  3. Refresh the Prisma Access Onboarding configuration under the SD-WAN for the branch. This is done under,
    • Panorama > SD-WAN > Devices > Open the branch firewall with Prisma Access onboarding > Prisma Access Onboarding > Click on Each Interface and then Ok > Ok > Commit to Panorama. 
    • Panorama > SD-WAN > Devices > Open the branch firewall with Prisma Access onboarding > Prisma Access Onboarding > Sync to Prisma > Yes to Warning message > OK > Commit to Panorama
  4. Push the changes to the branch firewall and remote network.

Option2:

  1. Record the serial number of the branch firewalls. GUI: Panorama > Managed Devices > Summary
  2. Delete the associated remote network onboarding configuration from the Cloud Services plugin and Commit the change to Panorama. (Panorama > Cloud Services > Configuration > Remote Networks > Onboarding)
  3. Delete and reconfigure the Prisma Access Onboarding configuration under the SD-WAN for the branch. 
    • Panorama > SD-WAN > Devices > Open the branch firewall with Prisma Access onboarding > Prisma Access Onboarding > Delete the Interface(s) > Ok > Commit to Panorama.
    • Panorama > SD-WAN > Devices > Open the branch firewall with Prisma Access onboarding > Prisma Access Onboarding > Add the interfaces > Ok > Commit to Panorama.
    • Panorama > SD-WAN > Devices > Open the branch firewall with Prisma Access onboarding > Prisma Access Onboarding > Sync to Prisma > Yes to Warning message > OK > Commit to Panorama
  4. Push the changes to the branch firewall and remote network.

Additional Information



Prisma Access Hub Support

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000scUCCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language