InControl alarm "Local changes have been detected" after firewall upgrades

Last modified on 25 May, 2021. Revision 4
The alarm "local changes have been detected on device" is always triggered after performing a firewall software version upgrade. What is the reason for this to trigger and does it need any action?
Up to date for
cOS Core 13.00.10
InControl 2.40.00
Status OK
Author
Peter Nilsson

Question

Every time we upgrade a firewall through InControl with a new cOS Core version, we are getting an InControl warning alarm saying: “Local changes have been detected on device”. This is true if the upgrade is done manually through InControl or it is scheduled. Why do we get this warning?

Answer

This is expected. The reason for this alarm is because when we perform a firewall upgrade (no matter what the version is) there is a configuration conversion performed to go from version A to version B (even if you downgrade). This will result in the cOS Core configuration version counter increasing by one. The following message is an example of what might be seen in the local console of a firewall during the upgrade procedure:

NOTE: Found configuration for a different core version: 13.00.10.01-35786
NOTE: Successfully converted configuration (localcfgver=206)

InControl watches for changes in the configuration version counter (localcfgver) and interprets this as if a local change has been made (the same alarm would trigger if you make a configuration change directly via the firewall’s  WebUI or the CLI). It is therefore totally normal to see this alarm during cOS Core upgrades (or downgrades) and it should be ignored. Note that the current configuration counter value for a firewall can be shown by entering the “show device” command in the cOS Core CLI.



Related articles

No related articles found.



Tagsincontrolalarmwarning