Unable to fetch the user information from the firewall running as a redistribution agent

Unable to fetch the user information from the firewall running as a redistribution agent

4594
Created On 03/04/22 00:44 AM - Last Modified 04/23/24 03:44 AM


Symptom


  • Firewall running as a redistribution agent
  • The required settings are configured correctly.
  • There is no user information such as ip-user-mappings or HIP data from the firewall.
  • The following logs are seen in the distributord.log of the redistribution agent firewall.
+0900 Error: pan_dcom_epoll_remove_event(pan_dcom.c:197): epoll object is NULL for fd 61
+0900 close socket fd 61(redistribution_61)
+0900 Error: pan_dcom_sock_accept(pan_dcom_sock.c:1411): failed to create sock for accpeted fd 61 in server sock 63(redistribution)

Environment


  • Palo Alto Firewalls.
  • PAN-OS l< 10.0.8.
  • Redistribution Agent configured.

Cause


UIA connection can't be established because the TCP listener's backlog queue is full.

Resolution


Resolution: 
Upgrade the PAN-OS to 10.0.8 or later.

Workaround: 
Temporary workaround is restarting the distributors from CLI using the command below. 
> debug software restart process distributord

Additional Information


Configure Data Redistribution
Redistribute User-ID Information Between Prisma Access and On-Premises Firewalls

Open a support case if you need to identify the exact root cause of the issue.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004NRECA2&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language