07-25-2022 07:09 AM
Hi Folks,
We have PA-3250 firewall deployed in our environment managed by Panorama.
The panorama is deployed in Panorama mode and the firewall is under panorama and no connectivity issue between firewall and Panorama.
The firewall is also added under log collector group setting in Panorama. Configuration vise everything is good.
The firewall was forwarding logs to Panorama but the Firewall suddenly stopped sending logs to Panorama.
We had performed TCP dump on the firewall and Panorama but not able to see any traffic for port used for log forwarding.
Upon checking the firewall logs we could see that the firewall is not forwarding logs to Panorama.
Log Collector : 12070214243244
Connection IP : lr-10.222.31.130
Conn Source IP : lr - def
High speed mode : Disabled
Connection Status : lr - Inactive
Rate : 0 logs/sec
traffic 2022/07/23 21:43:01 2022/07/23 21:44:18 7114727129846332707 7114727129846332707 57016704
threat 2022/07/23 21:37:21 2022/07/23 21:37:29 7114727129572444653 7114727129572444653 2498
hipmatch Not Available Not Available 0 0 0
gtp-tunnel Not Available Not Available 0 0 0
auth Not Available Not Available 0 0 0
iptag Not Available Not Available 0 0 0
userid Not Available Not Available 0 0 0
sctp Not Available Not Available 0 0 0
decryption Not Available Not Available 0 0 0
config Not Available Not Available 0 0 0
system 2022/07/23 21:41:26 2022/07/23 21:41:32 7114727262716480254 7114727262716480254 38955
globalprotect Not Available Not Available 0 0 0
Log Collector : 12070214243244
Connection IP : lr-cms0
Conn Source IP : lr - def
High speed mode : Disabled
Connection Status : lr - Inactive
Rate : 0 logs/sec
traffic 2022/07/18 13:38:21 2022/07/18 13:38:22 7114727129786089488 7114727129786089488 8825
threat Not Available Not Available 0 0 0
hipmatch Not Available Not Available 0 0 0
gtp-tunnel Not Available Not Available 0 0 0
auth Not Available Not Available 0 0 0
iptag Not Available Not Available 0 0 0
userid Not Available Not Available 0 0 0
sctp Not Available Not Available 0 0 0
decryption Not Available Not Available 0 0 0
config Not Available Not Available 0 0 0
system 2022/07/18 13:35:16 2022/07/18 13:35:32 7114727262716440655 7114727262716440655 100880
globalprotect Not Available Not Available 0 0 0
Thanks in advance.
07-25-2022 02:19 PM
Have you followed the basic steps outlined HERE or simply tried restarting the local firewalls management-server process yet? That would be where I'd start.
07-25-2022 02:19 PM
Have you followed the basic steps outlined HERE or simply tried restarting the local firewalls management-server process yet? That would be where I'd start.
07-26-2022 12:53 AM
HI @BPry . Thanks for the reply. After restarting the the Log receiver process on the firewall it started working and the firewall is forwarding logs to Panorama
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
