Hi all ,
lately i did a palo alto implementation at a customer's site
i installed the user agent 10.0.0-30 for windows server , adjusted the ports on the agent and on palo alto
enabled user id on the internal zone
in the connected devices tab on user agent the PAN device keeps flashing (appearing and disappearing)
and the user id agent is shown as disconnected on PAN
Does this have something to do with the fact that the customer upgraded to latest PAN os version 10.0.0 ?
are there any logs in the agent or syslog, possibly in the useridd.log (> less mp-log useridd.log) that tell you why the connection is failing?
does the connection go through the dataplane interfaces, or through a different firewall. is the windows firewall on the server configured to allow the connection (or disabled) ?
did you enable debugging on useridd ? you may want to try tcpdump/wireshark to see if something interesting shows up
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!