: Troubleshoot Panorama Push Failure Due to Pending Local Firewall Changes
Focus
Focus

Troubleshoot Panorama Push Failure Due to Pending Local Firewall Changes

Table of Contents
End-of-Life (EoL)

Troubleshoot Panorama Push Failure Due to Pending Local Firewall Changes

Configuration push from the Panorama management server fails due to the local candidate configuration on the firewall.
Where Can I Use This?What Do I Need?
  • Panorama
  • Device Management license
  • Support license
By default, Merge the Device Candidate Config setting is enabled when you push a configuration from the Panorama management to a managed firewall. This setting commits any pending local configuration changes on the firewall alongside the configuration pushed from Panorama. In the event local configuration changes are made, the push may fail if a local candidate configuration made on the firewall is incomplete or invalid and this setting is enabled.
If you commonly make local configuration changes on your managed firewalls, you can disable this setting to prevent any local configuration changes from being committed alongside the configuration pushed from Panorama.
  1. Log in to the Panorama Web Interface.
  2. Select CommitPush to Devices or Commit and Push.
  3. Edit Selections.
  4. Uncheck (disable) Merge with Device Candidate Config.
  5. Click OK.
  6. Push.