For details on cookie usage on our site, read our Privacy Policy
UID Redistribution SSL Errors
- LIVEcommunity
- Discussions
- General Topics
- UID Redistribution SSL Errors
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
UID Redistribution SSL Errors
- Mark as New
- Subscribe to RSS Feed
- Permalink
05-14-2020 06:16 AM - edited 05-14-2020 06:17 AM
Hoping someone else has run into this. I have been implementing UID redistribution in our PAN environment. I've stumbled across a few firewalls that will not establish a connection on port 5007, once the UID service is moved off of the default Mgmt interface (yes, appropriate firewall rules are in place). The system logs spit out an error like this:
User-ID Agent datacenter_redist_1(vsys1): Error: Failed to Connect to xxx.xxx.xxx.xxx(source: xxx.xxx.xxx.xxx), SSL error: error:00000000:lib(0):func(0):reason(0)(5) details: none
I was able to replicate this in the lab and found the error might be related to failover to the PASSIVE firewall. Upon failover I found this in the useridd.log:
Error: pan_ssl_conn_open(pan_ssl_utils.c:755): pan_tcp_sock_open() to xxx.xxx.xxx.xxx port 5007 failed; errno=150
Any ideas or suggestions would be appreciated.
- Mark as New
- Subscribe to RSS Feed
- Permalink
02-27-2022 10:44 PM
I restarted the userid process on one of my UserID box and that addressed the issue, that pair was using content update older than 8507. I don't have that same issue again.
It is working for me.
- Yara Rules error in Cortex XSOAR Discussions
- Device Certificate: can't replace old device cert by putting in newly generated OTP in General Topics
- Terminal Server Agent dedicated service user in General Topics
- Intense SSO failures in Cortex XDR Discussions
- Cortex XDR agent error 307 in Cortex XDR Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
