cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

Cannot connect Log Collector to Panorama

L2 Linker

Going mad here trying to connect a dedicated log collector to a Panorama HA pair.

Followed this procedure

https://docs.paloaltonetworks.com/panorama/10-1/panorama-admin/set-up-panorama/set-up-the-panorama-v...

 

I get a far as step 12, but after the commit it never reports connected and I never get a status.

The log collector is reporting disconnected

admin@Panorama> show panorama-status

Panorama Server 1 : 10.201.24.12
    Connected     : no
    HA state      : disconnected

Panorama Server 2 : 10.201.25.12
    Connected     : no
    HA state      : disconnected

The log is constantly cycling this

2022-10-14 11:44:47.330 +0000 CMSA: Source bind sock to 10.201.25.13
2022-10-14 11:44:47.330 +0000 COMM: Source bind sock 18 to 10.201.25.13 before connect to remote ip [10.201.25.12] @port 3978
2022-10-14 11:44:47.331 +0000 COMM: connection established. sock=18 remote ip=10.201.25.12 port=3978 local port=45361
2022-10-14 11:44:47.331 +0000 cms agent: Pre. send buffer limit=87040. s=18
2022-10-14 11:44:47.331 +0000 cms agent: Post. send buffer limit=425984. s=18
2022-10-14 11:44:47.331 +0000 Warning:  pan_cmsa_tcp_channel_setup(src_panos/cms_agent.c:905): SC3A: client will use sni:'a83fdd6a-3842-4806-962b-4af693a2744d' and ccn:'353cea78-6757-45ac-9073-8fa13c4e2090'
2022-10-14 11:44:47.331 +0000 SC3: CA: 'a83fdd6a-3842-4806-962b-4af693a2744d', CC/CSR: '353cea78-6757-45ac-9073-8fa13c4e2090'
2022-10-14 11:44:47.335 +0000 CMSA: Source bind sock to 10.201.25.13
2022-10-14 11:44:47.335 +0000 COMM: Source bind sock 19 to 10.201.25.13 before connect to remote ip [10.201.24.12] @port 3978
2022-10-14 11:44:47.336 +0000 SC3: context initialized using SNI: a83fdd6a-3842-4806-962b-4af693a2744d
2022-10-14 11:44:47.336 +0000 cmsa: client will use SNI: a83fdd6a-3842-4806-962b-4af693a2744d
2022-10-14 11:44:47.336 +0000 COMM: connection established. sock=19 remote ip=10.201.24.12 port=3978 local port=39935
2022-10-14 11:44:47.336 +0000 cms agent: Pre. send buffer limit=87040. s=19
2022-10-14 11:44:47.336 +0000 cms agent: Post. send buffer limit=425984. s=19
2022-10-14 11:44:47.336 +0000 Warning:  pan_cmsa_tcp_channel_setup(src_panos/cms_agent.c:905): SC3A: client will use sni:'a83fdd6a-3842-4806-962b-4af693a2744d' and ccn:'353cea78-6757-45ac-9073-8fa13c4e2090'
2022-10-14 11:44:47.336 +0000 Error:  pan_cmsa_tcp_channel_setup(src_panos/cms_agent.c:1208): panorama agent: SSL connect error. sock=18 err=1
2022-10-14 11:44:47.337 +0000 SC3: CA: 'a83fdd6a-3842-4806-962b-4af693a2744d', CC/CSR: '353cea78-6757-45ac-9073-8fa13c4e2090'
2022-10-14 11:44:47.341 +0000 SC3: context initialized using SNI: a83fdd6a-3842-4806-962b-4af693a2744d
2022-10-14 11:44:47.341 +0000 cmsa: client will use SNI: a83fdd6a-3842-4806-962b-4af693a2744d
2022-10-14 11:44:47.342 +0000 Error:  pan_cmsa_tcp_channel_setup(src_panos/cms_agent.c:1208): panorama agent: SSL connect error. sock=19 err=1

Repeated the process multiple times, but same failure every time. Both sides are running 10.1.6-h6

Who Me Too'd this topic