Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L0 Member

Hi All,

I have seen this issue with other customers and I was able solve it with following steps :

  1. Delete Logging Service License key :

    Rutger@panGW> delete license key Logging_Service_xx_xx_xx.key​
    successfully removed Logging_Service_xx_xx_xx.key

  2. Request license Fetch:
    Rutger@panGW> request license fetch License entry:
    License entry:
    Feature: Logging Service
    Description: Device Logging Service
    Serial: xxxxxxxxx
    Issued: July 29, 2019
    Expires: July 27, 2022
    Expired?: no
    Log Storage TB: 1

  3. Check to see if the logging service region is being fetched. 
    In my case it was not so it was manually entered via cli:

    Rutger@panGW> request logging-service-forwarding customerinfo show
    Server error : Unable to read the LCaaS customer information. Please re-fetch region info​

  4. Configure Location Manually via CLI:
    Rutger@panGW> configure
    Entering configuration mode
    Rutger@panGW# set deviceconfig setting logging logging-service-forwarding logging-service-regions {LOCATION, Example Europe or Americas}
    Rutger@panGW# exit
    Exiting configuration mode
  5. Delete the logging service certificate

    Rutger@panGW request logging-service-forwarding certificate delete
    Successfully deleted Logging Service certificate.

  6. MANUALLY enter the PSK that you generated from the data lake

    Rutger@panGW> request logging-service-forwarding certificate fetch-noproxy pre-shared-key YOUR_KEY_HERE
    Successfully scheduled logging service certificate fetch job with a job id of 12

  7. Check the job ID it should say finished OK successful

Now your Firewall is onboarded with data lake

PS: in an active-passive cluster you only need to this on one of both firewalls, all the rest will be synced over the HA.

Who rated this post