When a PPS and its PAN firewall enforcer lose connection for any reason the PPS will reconnect to the PAN and begin reconciliation. When connectivity is lost it is important for the two devices to sync up and ensure new auth tables are added to the PAN and for old auth tables to be removed, this process is called reconciliation. We've observed issues with PAN OS 8.0.6 and 8.0.7 and reconciliation. The following message can be returned by the PAN firewall during reconciliation.
<entry message="Not ready to process xmlapi data"/>