Panorama M-100 HA - Adding log collectors in mixed mode

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Panorama M-100 HA - Adding log collectors in mixed mode

L4 Transporter

Hi,

I'm having a problem with adding the log collectors in a Panorama M-100 HA setup.

I have two M-100 appliances, both in mixed mode. HA is configured and is working as expected.

The problem is that I cannot get M-100 #1 to connect to the log collector on M-100 #2 and vice versa. (see attached photo)

Skjermbilde.JPG

I'm currently running 6.0.2, and both devices are on the same subnet, so there should not be any network issue.

Is this a supported setup, or/and am I doing something wrong here?

- Tor

5 REPLIES 5

Cyber Elite
Cyber Elite

Hi Tor

you'll want to add both collectors to a collector group, then commit the changes to panorama and then commit to the collector group

that should fix it

regards

Tom

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Hi Tom,

Thanks for your replay.

I was not able to add the log collector of the passive Panorama through the web-gui, as it didn't show up under "device log forwarding" tab.

Using the CLI I was able to add the collector to the collector group with the command "set log-collector-group group_name logfwd-setting collectors serialnumber", and successfully commit the changes to Panorama.

However, the collector group commit fails, because the log collector of the passive Panorama is not connected to the active.

collectors.JPG

commit.JPG

Screen dump is from the active Panorama. The status is the same on the passive, only that it's the other collector that's connected.

Any ideas?

Regards,

Tor

Hi Tor

are they both in the same collector group ? Can you verify the commit is going thorugh properly on both panoramas ?

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Yes, they are in the same collector group.

Commit is alos going through on both Panoramas. I can see in the logs in the passive Panorama that the configuration was successfully syncronized after the last Panorama commit on that active Panorama.

Hello Tom,

I'm looking at this today.
Should I open up a case for this, and let you have a look at it?

As Tor described, the two Panoramas can't connect to the other Panoramas log-collector and vice versa.

Not sure what we are doing wrong, since a setup like lacks some documentation in my opinion.

/Jo Christian

/Jo Christian
  • 3844 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!