I have an issue with the action rule not being pushed to the agents, as it is not either applied or delivered, at first it would show as all applied but zero is delivered, but now it is not being applied or delivered, I don't think that it is related to the version as I have tested and it happens on 4.1.5 and 4.2.3 and I believe 4.2.2 too, the common thing is that the port used to communicate with the agent is not the default port (2125), is there somthing that needs to be done when using a custom port, or is it a bug.
The agents are obviously showing connected, and new policies are are being updated normally, even when the agent initiate the "Send Support File", it would be sent succsseffly, so I wanted to know the port that is being used for the action rules, also after analyzing the logs from both the agents and ESM I relaize that the action rule is associated with the URL https://ESM/EndpointSecurityManager/Update.
So is this a bug, or misconfiguration.
I would recommend double check all of your settings on the settings tab. Pay close attention to the "Update From Server Package Address:" setting. Also, this seems like an issue that the Palo Alto Networks Endpoint Support team can help tackle on a remote session.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!