Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[CSO] SDWAN policy update failure for newly provisioned site

0

0

Article ID: KB35086 KB Last Updated: 14 Oct 2019Version: 1.0
Summary:

This article explains the issue of SDWAN policy failure due to signature database not installed on newly provisioned devices.

The content in this article specifically applies to CSO 5.0.1

Symptoms:

Snippet of job failure:

Task: Deployment Task/SDWAN policy deployment on device <device name>

Sep 17, 2019, 9:51:40 AMTask started
Sep 17, 2019, 9:51:41 AMTask for SDWAN policy configuration deployment on device <device name> with device id cd535ea6-4e1f-448f-813f-0e9fe4e2f4de submitted
Sep 17, 2019, 9:52:43 AMTask for SDWAN policy configuration deployment on device <device name>‚Äč with device id cd535ea6-4e1f-448f-813f-0e9fe4e2f4de failed.Exception occurred while executing workflow to configure SD-WAN policy on the device. Solution recovered and restored after SD-WAN policy deployment failures.Please check link config and retry. Check logs for pslam core for more details.
Sep 17, 2019, 9:52:43 AM Task complete

Cause:

This issue is due to signature database not installed in devices as indicated in Job logs.

Click on Monitor > Jobs. Then select the job > View Detailed logs. Then select the logging level as Error to see the error log

Config deploy failed: {u'status': u'FAILURE', u'hapi_remote_host': u'csp.csp-dms-cms-inv-central-core-d67597c77-glxvt', u'description': u'\n{"error_data": {"status_code": "500", "error_tag": "Command Execution Error", "error_message": "requestid: api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,vRl0,O9zB,Rvzs,EZ9P.71a71466-d96b-11e9-b512-0eba6f716553 deviceid: cd535ea6-4e1f-448f-813f-0e9fe4e2f4de \\n\\nprotocol\\noperation-failed\\nerror\\n\\nnone\\n\\n\\n[edit services]\\n\\n\\napplication-identification\\n\\n\\nvalidation failed: application junos:MS-TEAMS is not found in CSO-Collaboration-AV\\n\\n\\n\\nprotocol\\noperation-failed\\nerror\\n\\nconfiguration check-out failed\\n\\n\\n\\n]]>]]>\\n \\n\\nprotocol\\noperation-failed\\nerror\\n\\nnone\\n\\n\\n[edit services]\\n\\n\\napplication-identification\\n\\n\\nvalidation failed: application junos:MS-TEAMS is not found in CSO-Collaboration-AV\\n\\n\\n\\nprotocol\\noperation-failed\\nerror\\n\\nconfiguration check-out failed\\n\\n\\n\\n]]>]]>\\n", "error_diag": "This error is propagated from DCS. It occurs during device command execution. "}}', u'hapi_request_id': u'api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,vRl0,O9zB,Rvzs', u'requestid': u'5928888f-2bfe-4f43-a284-111e2a22c573', u'hapi_job_id': u'08759fe7-a35a-4d27-8eb6-a3463504b1b8', u'details': {u'22f31fb0-4524-4bbd-b3b0-349860dd5984': {u'status': u'FAILURE', u'abstract_config_uuid': u'22f31fb0-4524-4bbd-b3b0-349860dd5984', u'description': u'{"error_data": {"status_code": "500", "error_tag": "Command Execution Error", "error_message": "requestid: api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,api_server_db_b0e5024b-6c43-4ee8-aab6-3af21e19a63c,vRl0,O9zB,Rvzs,EZ9P.71a71466-d96b-11e9-b512-0eba6f716553 deviceid: cd535ea6-4e1f-448f-813f-0e9fe4e2f4de \\n\\nprotocol\\noperation-failed\\nerror\\n\\nnone\\n\\n\\n[edit services]\\n\\n\\napplication-identification\\n\\n\\nvalidation failed: application junos:MS-TEAMS is not found in CSO-Collaboration-AV\\n\\n\\n\\nprotocol\\noperation-failed\\nerror\\n\\nconfiguration check-out failed\\n\\n\\n\\n]]>]]>\\n \\n\\nprotocol\\noperation-failed\\nerror\\n\\nnone\\n\\n\\n[edit services]\\n\\n\\napplication-identification\\n\\n\\nvalidation failed: application junos:MS-TEAMS is not found in CSO-Collaboration-AV\\n\\n\\n\\nprotocol\\noperation-failed\\nerror\\n\\nconfiguration check-out failed\\n\\n\\n\\n]]>]]>\\n", "error_diag": "This error is propagated from DCS. It occurs during device command execution. "}}',
Solution:

To resolve this issue, ensure the latest attack database is installed on newly provisioned devices.

Note: This step has to be repeated for every newly provisioned device.

The steps below can be used for verification:
  1. Click on Administration tab > Signature Database > Install on device

  2. Signature version should reflect the correct version and Signature install status should be success.

    In case Signature database is not installed in device, select the device and install signature database.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search