User-ID stopped populating mappings - OS 4.0.12

Reply
Highlighted
Not applicable

User-ID stopped populating mappings - OS 4.0.12

I am running OS 4.0.12 and have an issu with the user-ID / mappings not populating in the logs. 

show user pan-agent statistics:

IPs      Activity Timer(s) Domain          Index

ncmpdcden01      10.250.12.10    5009  vsys1   *connected, ok     989    906

651185   21844256 600      ncm             0

show user ip-user-mapping:

IP              Ident. By User                             Idle Timeout (s) Max.

Timeout (s)

Total: 0 users

I read in documentation how to restart the service via the PAN CLI, but the debug user-id, etc command is not available in 4.0.12...  How can I restart the user-id connection?  Or is there a better way to correct this issue?  The PAN service on the DC's have already been restarted.

Thanks!

Highlighted
L5 Sessionator

Re: User-ID stopped populating mappings - OS 4.0.12

You can restart the user-id process on the 4.0.12, by restarting the device server.

>debug software restart device-server

Hope that helps.

BR,

Karthik

Highlighted
Not applicable

Re: User-ID stopped populating mappings - OS 4.0.12

Will the >debug software restart device-server command impact traffic?

For an HA pair, should this command be executed on each one or just the active?

Highlighted
L3 Networker

Re: User-ID stopped populating mappings - OS 4.0.12

Just running the command on the Active device should be enough and it should ideally not affect the traffic as device server is a module that belongs to the management plane.

Highlighted
L5 Sessionator

Re: User-ID stopped populating mappings - OS 4.0.12

The device server takes care of pushing configuration to the DP, and is also responsible for URL filtering requests/responses, along with handling user id functions. The device server usually comes up real quick after we restart the service. But you can still execute the command after office hours to be on a safer side.

You can execute this command on the active, and the active firewall will synchronize the new information that it learnt after restarting the device server to its peer.

Best regards,

Karthik

Highlighted
Not applicable

Re: User-ID stopped populating mappings - OS 4.0.12

After running the command, I still do not see user ID's populating in the logs, etc.  Any other ideas?

Highlighted
L5 Sessionator

Re: User-ID stopped populating mappings - OS 4.0.12

Please try the steps mentioned in these links.

https://live.paloaltonetworks.com/docs/DOC-3053

https://live.paloaltonetworks.com/docs/DOC-1431

https://live.paloaltonetworks.com/docs/DOC-1308

Can you attach the output of the command,

>tail lines 500 mp-log devsrvr.log

Best regards,

Karthik

Highlighted
L6 Presenter

Re: User-ID stopped populating mappings - OS 4.0.12

we had the same issue with panagent before.I cannot be sure if they are the same issue but restarting services and also management plane did not solve our issue.it was fixed with reboot completely

Highlighted
Not applicable

Re: User-ID stopped populating mappings - OS 4.0.12

I went through the documentation and verified settings, etc.  The agent is connected...  but not reporting any data to populate the user-id in the logs.  Any other suggestions?

Highlighted
L3 Networker

Re: User-ID stopped populating mappings - OS 4.0.12

Have you tried restarting the user-id service on the machine on which the pan_agent is installed?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!