This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Issue with forwarding logs to Panorama

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Issue with forwarding logs to Panorama

tamilvanan
L3 Networker

‎03-25-2022 06:14 AM

Hi Folks,

 

We have PA-7000 series firewall configured to forward logs to Panorama.

 

Recently the firewall stopped forwarding logs to Panorama. In the logrcvr msg we could see the below output. Here the 10.0.2.250 is the Panorama and the 10.0.2.252 is the firewall.

 

On the panorama device summary we could see that the firewall is showing as connected and we are able to commit and push the changes to Firewall from Panorma without any issues.

 

Do we need to configure LFC on PA-7000 series firewall to forward the logs to the Panorama. Is separate interface need to be configured to forward the logs to Panorama.

 

 

 

2022-03-22 11:20:07   2022-03-22 11:20:07.138 +0530 connecting to remote address 10.0.2.250 @ fd -1
s8lfp0    logrcvr.log                        2022-03-22 11:20:17   2022-03-22 11:20:17.148 +0530 Server IPv4 address 10.0.2.250
s8lfp0    logrcvr.log                        2022-03-22 11:20:17   2022-03-22 11:20:17.148 +0530 Client starting. addr=10.0.2.250 port=3978 retry=2
s8lfp0    logrcvr.log                        2022-03-22 11:20:17   2022-03-22 11:20:17.148 +0530 COMM: Source bind sock 23 to 10.0.2.252 before connect to remote ip [10.0.2.250] @port 3978
s8lfp0    logrcvr.log                        2022-03-22 11:20:20   2022-03-22 11:20:20.147 +0530 Error:  pan_comm_get_tcp_conn_gen(comm_utils.c:604): COMM: cannot connect. remote ip=10.0.2.250 port=3978 err=No route to host(148) sock=23
s8lfp0    logrcvr.log                        2022-03-22 11:20:20   2022-03-22 11:20:20.147 +0530 connecting to remote address 10.0.2.250 @ fd -1
s8lfp0    logrcvr.log                        2022-03-22 11:20:30   2022-03-22 11:20:30.158 +0530 Server IPv4 address 10.0.2.250
s8lfp0    logrcvr.log                        2022-03-22 11:20:30   2022-03-22 11:20:30.158 +0530 Client starting. addr=10.0.2.250 port=3978 retry=3
s8lfp0    logrcvr.log                        2022-03-22 11:20:30   2022-03-22 11:20:30.158 +0530 COMM: Source bind sock 23 to 10.0.2.252 before connect to remote ip [10.0.2.250] @port 3978
s8lfp0    logrcvr.log                        2022-03-22 11:20:33   2022-03-22 11:20:33.157 +0530 Error:  pan_comm_get_tcp_conn_gen(comm_utils.c:604): COMM: cannot connect. remote ip=10.0.2.250 port=3978 err=No route to host(148) sock=23
s8lfp0    logrcvr.log                        2022-03-22 11:20:33   2022-03-22 11:20:33.157 +0530 connecting to remote address 10.0.2.250 @ fd -1
s8lfp0    logrcvr.log                        2022-03-22 11:20:43   2022-03-22 11:20:43.168 +0530 Server IPv4 address 10.0.2.250
s8lfp0    logrcvr.log                        2022-03-22 11:20:43   2022-03-22 11:20:43.168 +0530 Client starting. addr=10.0.2.250 port=3978 retry=4
s8lfp0    logrcvr.log                        2022-03-22 11:20:43   2022-03-22 11:20:43.168 +0530 COMM: Source bind sock 23 to 10.0.2.252 before connect to remote ip [10.0.2.250] @port 3978
s8lfp0    logrcvr.log                        2022-03-22 11:20:46   2022-03-22 11:20:46.167 +0530 Error:  pan_comm_get_tcp_conn_gen(comm_utils.c:604): COMM: cannot connect. remote ip=10.0.2.250 port=3978 err=No route to host(148) sock=23
s8lfp0    logrcvr.log                        2022-03-22 11:20:46   2022-03-22 11:20:46.167 +0530 connecting to remote address 10.0.2.250 @ fd -1
s8lfp0    logrcvr.log                        2022-03-22 11:20:56   2022-03-22 11:20:56.177 +0530 Error:  pan_conn_mgr_do_connect(cs_conn.c:11788): Failed to connect to ip address: 10.0.2.250. Timing out
s8lfp0    logrcvr.log                        2022-03-22 11:20:56   2022-03-22 11:20:56.178 +0530 Error:  pan_conn_mgr_connect_to_server_impl(cs_conn.c:12329): Not able to connect() to server 10.0.2.250

log 

0 Likes Likes
0 REPLIES 0
  • 1760 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks