NGFW - Panorama registration 3978 : Traffic allowed but RST constantly.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

NGFW - Panorama registration 3978 : Traffic allowed but RST constantly.

L1 Bithead

Hi, 

 

I was trying to connect a new PA-440 spare device to our existing Panorama infrastructure, when i faced this weird issue as shown in the system logs. 

 

It's as if the TCP session starts and abruptly ends on port 3978 leading to a never ending loop of success and failure. 

 

The Panorama is natted behind a cisco so i went there to see what was going on and found these reiterating RST packets seemingly after each connection attempt from the PA-440 public ip.

 

I am not sure why this is happening ? The CISCO rules don't seem to be at fault since the TCP session builds initially however the immediate RST that happens right after is unexplained ? 

 

The PA-440 is routed behind a 5G TP-Link Router which doesn't have a fixed IP, so i have to change the corresponding object in the cisco everytime but this is not a problem for now as is it intended as a lab environment for internal testing purposes.

 

I'm suspecting something doesn't go well because of this router, but i'm not 100% sure, anyone encountered something like this before ? 

 

Little update 1 day later :

I can see the the session "established" and the traffic allowed but constantly reset on what i assume to be the peer side (cisco). Not sure why this could happen. 

OELHANCHI_0-1713863049269.png

OELHANCHI_1-1713863173974.png

 

 

Thank you

 

1 REPLY 1

L1 Bithead

Had the same issue on an other device during initial device installation phase, it was a different model (PA-220), but i was getting the same RST packets from the panorama side. 

 

The solution was to upgrade to the latest PAN-OS version, to get the recently updated root certificate. Pretty idiotic from me, trying to get a registration before the upgrade.

 

I suppose the same step would solve it for this device, can't 100% confirm however as i don't have an available license for that model yet, but very likely.

  • 524 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!