User ID 10.0.0 WITH PAN OS 10.0.0 PROBLEM

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

User ID 10.0.0 WITH PAN OS 10.0.0 PROBLEM

L2 Linker

Hi all ,

lately i did a palo alto implementation at a customer's site

i installed the user agent 10.0.0-30 for windows server , adjusted the ports on the agent and on palo alto

enabled user id on the internal zone 

in the connected devices tab on user agent the PAN device keeps flashing (appearing and disappearing)
and the user id agent is shown as disconnected on PAN

Does this have something to do with the fact that the customer upgraded to latest PAN os version 10.0.0 ?
assistance appreciated

7 REPLIES 7

Cyber Elite
Cyber Elite

are there any logs in the agent or syslog, possibly in the useridd.log (> less mp-log useridd.log) that tell you why the connection is failing?

 

does the connection go through the dataplane interfaces, or through a different firewall. is the windows firewall on the server configured to allow the connection (or disabled) ?

 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

There was a system log showing traffic to the server on the specified port

 

Windows fw disabled on the client

The connection is through the Inside interface of palo alto

did you enable debugging on useridd ? you may want to try tcpdump/wireshark to see if something interesting shows up

 

 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

no , i didnt enable debugging on user id 

tcpdump on traffic from PAN to the server ?

L1 Bithead

is this issue got any resolution i am facing the same but i am on 11.0

 

did you run wireshark/tcpdump to check what might be happening with the connection?

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

L1 Bithead

i did on PA firewall i could see reset packets but the port is locally enabled on server i could telnet to the server but not sure why the reset is coming

 

  • 3389 Views
  • 7 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!