Errors with Data Redistribution (User-ID Agent) on Labs Environment


L0 Member

Hi all, 

 

I am researching Palo Alto User-ID configuration and building labs on EVE-NG using Palo Alto KVM.

Now I can set up LDAP and Group Mapping, and it's working.

But I cannot set up Data Redistribution; the connection between the firewall and the User-ID Agent is No (Connected: No, log as below). I have already created a certificate and added it to the Agent.

I am using PAN-OS 10.2.8 and Agent 10.2.4 running on Windows Server 2016.

Please help!

 

2025-07-10 19:47:32.086 +0700 pan_dcom_epoll: start epoll thread 1 at 1752151652(epoch: 1752151652)
2025-07-10 19:47:35.000 +0700 close socket fd 1026(UIA-test)
2025-07-10 19:47:35.000 +0700 Error: pan_distributor_agent_dcom_callback(pan_distributor_agent.c:2026): agent UIA-test is reset, event:1, abort:0, reset:1
2025-07-10 19:47:35.001 +0700 conn UIA-test is not connected.
2025-07-10 19:47:35.002 +0700 close conn UIA-test, same thread 0, b_notifying 0
2025-07-10 19:47:35.002 +0700 conn UIA-test has been closed by application[event=6]
2025-07-10 19:47:35.002 +0700 release conn UIA-test, notify=1
2025-07-10 19:47:35.002 +0700 close socket fd 1026(UIA-test)
2025-07-10 19:47:35.002 +0700 no work in epoll index 1
2025-07-10 19:47:35.002 +0700 pan_dcom_epoll: quit, index = 1, now=1752151655(epoch: 1752151655)
2025-07-10 19:47:40.031 +0700 [agent UIA-test] DCOM_SSL_CLNT_CONFIG
2025-07-10 19:47:40.031 +0700 [secure_conn] pan_distributor_sec_conn_load_custom_server_cert()
2025-07-10 19:47:40.031 +0700 [secure_conn] RSA key
2025-07-10 19:47:40.031 +0700 [secure_conn] Custom client ssl certificate loaded
2025-07-10 19:47:40.031 +0700 add new conn UIA-test to dcom, fd = 1026, addr = ssl@10.10.10.10#5007
2025-07-10 19:47:40.031 +0700 conn UIA-test is not connected.
2025-07-10 19:47:40.031 +0700 add socket fd 1026(UIA-test) into epoll 1 [prev total fds: 0, jobid: 0].
2025-07-10 19:47:40.031 +0700 agent UIA-test didn't establish secure communication yet
2025-07-10 19:47:40.031 +0700 pan_dcom_epoll: start epoll thread 1 at 1752151660(epoch: 1752151660)
2025-07-10 19:47:43.004 +0700 close socket fd 1026(UIA-test)
2025-07-10 19:47:43.004 +0700 Error: pan_distributor_agent_dcom_callback(pan_distributor_agent.c:2026): agent UIA-test is reset, event:1, abort:0, reset:1
2025-07-10 19:47:43.005 +0700 conn UIA-test is not connected.
2025-07-10 19:47:43.005 +0700 close conn UIA-test, same thread 0, b_notifying 0
2025-07-10 19:47:43.008 +0700 conn UIA-test has been closed by application[event=6]
2025-07-10 19:47:43.008 +0700 release conn UIA-test, notify=1
2025-07-10 19:47:43.008 +0700 close socket fd 1026(UIA-test)
2025-07-10 19:47:43.008 +0700 no work in epoll index 1
2025-07-10 19:47:43.008 +0700 pan_dcom_epoll: quit, index = 1, now=1752151663(epoch: 1752151663)
2025-07-10 19:47:48.036 +0700 [agent UIA-test] DCOM_SSL_CLNT_CONFIG
2025-07-10 19:47:48.037 +0700 [secure_conn] pan_distributor_sec_conn_load_custom_server_cert()
2025-07-10 19:47:48.037 +0700 [secure_conn] RSA key
2025-07-10 19:47:48.037 +0700 [secure_conn] Custom client ssl certificate loaded
2025-07-10 19:47:48.037 +0700 add new conn UIA-test to dcom, fd = 1026, addr = ssl@10.10.10.10#5007
2025-07-10 19:47:48.037 +0700 conn UIA-test is not connected.
2025-07-10 19:47:48.037 +0700 add socket fd 1026(UIA-test) into epoll 1 [prev total fds: 0, jobid: 0].
2025-07-10 19:47:48.037 +0700 agent UIA-test didn't establish secure communication yet
2025-07-10 19:47:48.038 +0700 pan_dcom_epoll: start epoll thread 1 at 1752151668(epoch: 1752151668)

 

 

1 REPLY

L1 Bithead

Hi,

Please verify the firewall settings on the Domain Controller (as I understand it, it is Windows Server 2016).

You need to allow TCP port 5007 for this.
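
The following is an added example, not part of the original thread or of any Palo Alto tooling: a Python sketch that pairs each connection attempt in the posted log with the reset that ends it. On the posted lines it shows every attempt to ssl@10.10.10.10#5007 being reset about three seconds later, before secure communication is established. The function name `summarize`, the result fields and the regular expressions are assumptions, derived only from the log lines shown in the question.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: a subset of the log lines posted in the question.
SAMPLE_LOG = """\
2025-07-10 19:47:35.000 +0700 Error: pan_distributor_agent_dcom_callback(pan_distributor_agent.c:2026): agent UIA-test is reset, event:1, abort:0, reset:1
2025-07-10 19:47:40.031 +0700 add new conn UIA-test to dcom, fd = 1026, addr = ssl@10.10.10.10#5007
2025-07-10 19:47:40.031 +0700 agent UIA-test didn't establish secure communication yet
2025-07-10 19:47:43.004 +0700 Error: pan_distributor_agent_dcom_callback(pan_distributor_agent.c:2026): agent UIA-test is reset, event:1, abort:0, reset:1
2025-07-10 19:47:48.037 +0700 add new conn UIA-test to dcom, fd = 1026, addr = ssl@10.10.10.10#5007
2025-07-10 19:47:48.037 +0700 agent UIA-test didn't establish secure communication yet
"""

# Patterns are assumptions based only on the message formats visible above.
LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d{3} [+-]\d{4}) (.*)$")
ATTEMPT = re.compile(r"add new conn (\S+) to dcom, fd = \d+, addr = (\w+)@([^#\s]+)#(\d+)")
RESET = re.compile(r"agent (\S+) is reset,")

def summarize(log_text):
    """Pair each connection attempt with the reset that ends it, per agent."""
    stats = defaultdict(lambda: {"target": None, "attempts": 0, "resets": 0,
                                 "orphan_resets": 0, "reset_delays": []})
    open_attempt = {}  # agent name -> start time of the attempt still in progress
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank lines and anything without a timestamp
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S.%f %z")
        msg = m.group(2)
        if a := ATTEMPT.search(msg):
            agent = a.group(1)
            stats[agent]["target"] = f"{a.group(2)}://{a.group(3)}:{a.group(4)}"
            stats[agent]["attempts"] += 1
            open_attempt[agent] = ts
        elif r := RESET.search(msg):
            agent = r.group(1)
            start = open_attempt.pop(agent, None)
            if start is None:
                stats[agent]["orphan_resets"] += 1  # excerpt began mid-attempt
            else:
                stats[agent]["resets"] += 1
                stats[agent]["reset_delays"].append((ts - start).total_seconds())
    for agent, s in stats.items():
        s["pending"] = agent in open_attempt  # last attempt has no outcome yet
    return dict(stats)

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

An attempt that never reaches a reset line is reported as `pending` rather than as a success, because the posted log contains no example of a successful connection to match against.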
