spoojary
Staff
Article Id 276101
Description
This article describes the solution to an issue where, after successfully installing a firewall on an existing VPN community, the hub installation fails even before previewing the installation. Debug logs indicate a specific error related to an interface in the VPN manager.

Scope
FortiManager.

Solution

Error details:

SECURITY_CONSOLE: vdom copy error: invalid value (reason:none)
__add_reference_core: soid=2492, mobj=sys_zone.interface, tunnel_name fail.
add 1 fail references back to pending list
__add_reference_core: soid=2492, mobj=sys_zone.interface, tunnel_name fail.
> add reference fail: command(set system zone.vpnmgr_tunnel_namehub2spoke:interface tunnel_name) detail(datasrc invalid)
SECURITY_CONSOLE: post_vdom copy error::(errcode)131 - datasrc invalid. object: system zone.vpnmgr_tunnel_namehub2spoke:interface. detail: tunnel_name. solution: datasrc invalid (reason:none)

Analysis and solution:

  1. Initial Steps: Obtain detailed debug logs and screenshots of the error to ascertain the exact nature of the problem.

  2. Identify the Root Cause: In the example above, the debug logs show that the reference from the VPN manager zone (system zone.vpnmgr_tunnel_namehub2spoke) to a specific tunnel interface (tunnel_name) fails with "datasrc invalid" (errcode 131).

  3. Offline Firewall Challenge: Further analysis indicates that an offline firewall within the VPN community might be causing this error. The offline status of this firewall seems to be preventing a successful policy package push.

  4. Resolution Steps:

    • To address this, remove the offline firewall from the VPN community.
    • Retry pushing the policy package.

  5. Follow-up: Ensure that the policy package push is now successful without any errors. If any other anomalies arise, consider exploring them separately.
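
To make step 2 repeatable on longer debug captures, the following added example (not part of the original article and not a Fortinet tool) parses saved debug output and lists each failed reference with its object, error code and retry count. The function name summarize and the regular expressions are assumptions derived only from the log lines quoted above; tunnel_name is the article's placeholder.

```python
import re
from collections import defaultdict

# Constructed sample: the debug lines quoted in this article.
SAMPLE_LOG = """\
SECURITY_CONSOLE: vdom copy error: invalid value (reason:none)
__add_reference_core: soid=2492, mobj=sys_zone.interface, tunnel_name fail.
add 1 fail references back to pending list
__add_reference_core: soid=2492, mobj=sys_zone.interface, tunnel_name fail.
> add reference fail: command(set system zone.vpnmgr_tunnel_namehub2spoke:interface tunnel_name) detail(datasrc invalid)
SECURITY_CONSOLE: post_vdom copy error::(errcode)131 - datasrc invalid. object: system zone.vpnmgr_tunnel_namehub2spoke:interface. detail: tunnel_name. solution: datasrc invalid (reason:none)
"""

# Patterns are assumptions based on the line formats shown above.
REF_FAIL = re.compile(r"__add_reference_core: soid=(\d+), mobj=([\w.]+), (\S+) fail\.")
CMD_FAIL = re.compile(r"add reference fail: command\(set (.+?):(\S+) (\S+)\) detail\((.+?)\)")
COPY_ERR = re.compile(
    r"copy error::\(errcode\)(\d+) - (.+?)\. object: (.+?):(\S+?)\. detail: (\S+?)\. ")


def summarize(log_text):
    """Group failed references by the referenced value (e.g. a tunnel interface)."""
    refs = defaultdict(lambda: {"object": None, "errcode": None, "reason": None,
                                "soids": set(), "attempts": 0})
    for line in log_text.splitlines():
        if m := REF_FAIL.search(line):
            soid, _mobj, value = m.groups()
            refs[value]["soids"].add(int(soid))
            refs[value]["attempts"] += 1          # each retry logs one line
        elif m := CMD_FAIL.search(line):
            obj, attr, value, reason = m.groups()
            refs[value].update(object=f"{obj}:{attr}", reason=reason)
        elif m := COPY_ERR.search(line):
            code, reason, obj, attr, value = m.groups()
            refs[value].update(object=f"{obj}:{attr}", errcode=int(code), reason=reason)
    return dict(refs)


if __name__ == "__main__":
    for value, info in summarize(SAMPLE_LOG).items():
        print(f"{value}: object={info['object']} errcode={info['errcode']} "
              f"reason={info['reason']} attempts={info['attempts']}")
```

Each reported value is an interface that the hub's zone still references; compare it against the devices in the VPN community to find the member that is offline.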

Recommendation: Always ensure that all firewalls within a VPN community are active and online. If any firewalls are to be taken offline or are temporarily unavailable, it is best practice to temporarily remove them from the VPN community before making any changes or pushing policy packages.
