I am working on a Checkpoint to PA migration. The PA firewall is a PA-7050 managed by Panorama. The Layer-3/4 policy has been sent to the device successfully, but I am unable to get any matches using the APP-ID adoption. I have configured the connector to pull from the firewall and from the Panorama with no success. I can see the traffic logs on both the device and the Panorama. I have successfully pulled logs from the Panorama for another PA migration (PA-5060).
Its hard to figure it out from here but.
User rights: Is the username used to generate the API keys and import the Devices into the tool Superuser? We need to execute operational commands and reports.
Latency: Are the MT and the Panorama or the device in the same network? Are you connected though a VPN? sometimes the latency han raise a tmout for the report generation. Its recommended to have the tool in the same network or close.
The Time Period. Change the Period in the Log connector to last hour for example and retrieve the reports again.
Try to Select only one rule and retrieve the apps for the selection.
Double-Check to see the Log Connector assigned at the bottom bar.
Maybe you can attach an screenshot from your log connector?
Thank you for your response.
The user is a Superuser. The Migration tool and the Panorama are on the same network. I have used time periods from 1 hour to 30 days with the same result. I have tried a single rule instead of all of them. I have verified the log collector.
Since the 7050 does not forward logs to the Panorama, is there a different way of configuring the log collection?
I have the same problem here. The PA-7050 has a different kind of storing logs due to builtin M-100 (Logcard). I have not yet done deeper debugging. I case of Panorama you should be aware that logs remain on the PA-7050. This leads also to different behavior.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!