Panorama messages.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Panorama messages.

L2 Linker

hi.

 

 Any idea why panorama suddenly started sending this messages a lot 

opaque: gRPC connection to iot.services-edge.paloaltonetworks.com:443 is broken, error: fail to parseTlsCert, err fail to load client cert[/root/client.pem], err open /root/client.pem: no such file or directory time: 2020-08-10 10:53:30

 

and how to fix this ?

 

Thanks !!

Sourav Saha
12 REPLIES 12

L7 Applicator

Did you recently updated panorama to PAN-OS 10?

L2 Linker

Yes

Sourav Saha

So the next somehow obvious question: Is your panorama allowed to connect to iot.services-edge.paloaltonetworks.com:443 or is there another device/firewall in place that blocks this connection?

if the link is not malicious, it should work 

Sourav Saha

Actually this looks like this known issue:

Screenshot_20200811-195942_Chrome.jpg

Did you try to restart panorama?

 

Source: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-release-notes/pan-os-10-0-release-information/k...

It did not work. 

Sourav Saha

so first I would make sure if this connection really is possible and not blocked anwhere and second you may want to open a support case as PAN-OS 10 is still very new and this might also be a so far not known bug which needs to be fixed in a future release.

The traffic is not being blocked, 

Sourav Saha

What is your "Device Certificate Status"?  If you don't have a valid certificate, you'll see this issue.

L0 Member

I am having valid cert and did all the above suggestion to stop this alert, still pursuing since upgrade Panorama 10.0.7 version, please post any fix for it. In the meantime we open a case with TAC.

L0 Member

I have exactly the same problem with 10.0.7. Did anyone ever find a solution?

I also experience this error logs with version 11.1.2-h4.  Please share resolution as you got from PA TS.  Thanks,

  • 15191 Views
  • 12 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!