How do I fix this?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How do I fix this?

L4 Transporter

Trying to connect PA-500 to user id agent on domain member server and keep getting this from the agent ID app log.

 

10/02/17 18:33:09:959[ Info 1219]: New connection 10.100.20.20 : 33369.
10/02/17 18:33:09:975[ Info 1292]: Device thread 1 with 10.100.20.20 : 33369 is started.
10/02/17 18:33:09:975[Error 3352]: Failed to validate client certificate, thread : 1, 1-0!
10/02/17 18:33:09:975[ Info 1615]: Connection 10.100.20.20 : 33369 closed.
10/02/17 18:33:15:076[ Info 1219]: New connection 10.100.20.20 : 57572.
10/02/17 18:33:15:076[ Info 1292]: Device thread 1 with 10.100.20.20 : 57572 is started.
10/02/17 18:33:15:076[Error 3352]: Failed to validate client certificate, thread : 1, 1-0!
10/02/17 18:33:15:076[ Info 1615]: Connection 10.100.20.20 : 57572 closed.
10/02/17 18:33:20:193[ Info 1219]: New connection 10.100.20.20 : 38663.
10/02/17 18:33:20:193[ Info 1292]: Device thread 1 with 10.100.20.20 : 38663 is started.
10/02/17 18:33:20:193[Error 3352]: Failed to validate client certificate, thread : 1, 1-0!
10/02/17 18:33:20:193[ Info 1615]: Connection 10.100.20.20 : 38663 closed.

 

I created a self signed cert on the device. 

selfsignedcert.PNG

1 REPLY 1

Cyber Elite
Cyber Elite

what version of PAN-OS are you running and which version of UserID agent did you install?

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 1803 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!