Firewall reporting error: "Failed to connect to address: 65.154.xx.xx port: 3978"

Firewall reporting error: "Failed to connect to address: 65.154.xx.xx port: 3978"

40747
Created On 01/24/20 21:58 PM - Last Modified 07/07/23 02:57 AM


Symptom


  • Firewall connection flapping to Cortex logging service
  • Affected firewall(s) fail to forward logs to Panorama
  • Intermittent Management CPU spike to 100% 
  • GUI: Monitor > Logs > System
Successfully connect to address: 65.154.xx.xx port: 3978, conn id: dpilr-65.154.xx.xx-def
Failed to connect to address: 65.154.xx.xx port: 3978, conn id: dpilr-65.154.xx.xx-def
Successfully connect to address: 65.154.226.12 port: 3978, conn id: triallr-65.154.xx.xx-def
Failed to connect to address: 65.154.xx.xx port: 3978, conn id: triallr-65.154.xx.xx-def

 

Environment


  • Any NGFW
  • Panos 8.1
  • Cortex Data Lake (logging services)
  • Panorama

Cause


Disable of previous connection to Cortex Data Lake (Logging Service) causes continuous firewall connection flapping to Cortex logging service.
 

Resolution


Contact Palo Alto Networks Technical Support as the resolution will require root access.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POOtCAO&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language