I'm having a problem with adding the log collectors in a Panorama M-100 HA setup.
I have two M-100 appliances, both in mixed mode. HA is configured and is working as expected.
The problem is that I cannot get M-100 #1 to connect to the log collector on M-100 #2 and vice versa. (see attached photo)
I'm currently running 6.0.2, and both devices are on the same subnet, so there should not be any network issue.
Is this a supported setup, or/and am I doing something wrong here?
you'll want to add both collectors to a collector group, then commit the changes to panorama and then commit to the collector group
that should fix it
Thanks for your replay.
I was not able to add the log collector of the passive Panorama through the web-gui, as it didn't show up under "device log forwarding" tab.
Using the CLI I was able to add the collector to the collector group with the command "set log-collector-group group_name logfwd-setting collectors serialnumber", and successfully commit the changes to Panorama.
However, the collector group commit fails, because the log collector of the passive Panorama is not connected to the active.
Screen dump is from the active Panorama. The status is the same on the passive, only that it's the other collector that's connected.
are they both in the same collector group ? Can you verify the commit is going thorugh properly on both panoramas ?
Yes, they are in the same collector group.
Commit is alos going through on both Panoramas. I can see in the logs in the passive Panorama that the configuration was successfully syncronized after the last Panorama commit on that active Panorama.
I'm looking at this today.
Should I open up a case for this, and let you have a look at it?
As Tor described, the two Panoramas can't connect to the other Panoramas log-collector and vice versa.
Not sure what we are doing wrong, since a setup like lacks some documentation in my opinion.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!