- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-22-2024 07:59 AM - edited 04-23-2024 02:11 AM
Hi,
I was trying to connect a new PA-440 spare device to our existing Panorama infrastructure, when i faced this weird issue as shown in the system logs.
It's as if the TCP session starts and abruptly ends on port 3978 leading to a never ending loop of success and failure.
The Panorama is natted behind a cisco so i went there to see what was going on and found these reiterating RST packets seemingly after each connection attempt from the PA-440 public ip.
I am not sure why this is happening ? The CISCO rules don't seem to be at fault since the TCP session builds initially however the immediate RST that happens right after is unexplained ?
The PA-440 is routed behind a 5G TP-Link Router which doesn't have a fixed IP, so i have to change the corresponding object in the cisco everytime but this is not a problem for now as is it intended as a lab environment for internal testing purposes.
I'm suspecting something doesn't go well because of this router, but i'm not 100% sure, anyone encountered something like this before ?
Little update 1 day later :
I can see the the session "established" and the traffic allowed but constantly reset on what i assume to be the peer side (cisco). Not sure why this could happen.
Thank you
04-27-2024 07:37 AM
Had the same issue on an other device during initial device installation phase, it was a different model (PA-220), but i was getting the same RST packets from the panorama side.
The solution was to upgrade to the latest PAN-OS version, to get the recently updated root certificate. Pretty idiotic from me, trying to get a registration before the upgrade.
I suppose the same step would solve it for this device, can't 100% confirm however as i don't have an available license for that model yet, but very likely.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!