Panorama is not getting connected to CDL after OTP success
3395
Created On 10/24/23 00:41 AM - Last Modified 01/28/25 06:28 AM
Symptom
- Statis of GUI: Panorama > Cloud Services > Status (error) , display grey instead of green
Environment
- Panorama M-200,
- PAN-OS 10.1.10-h2
Cause
- Incorrect cloud plug-in for panorama and/or ports 444 and 80 not open
Resolution
Check and confirm license and certificates are correct.
-
Panorama(primary-active)> request license fetchLicense should be fine -
Panorama(primary-active)> request plugins cloud_services panorama-certificate delete(Pass) -
Panorama(primary-active)> request plugins cloud_services panorama-certificate fetch debug yes otp xxxx(Success) -
Panorama(primary-active)> show system state | match custid(The output looks correct)
- If the license fetch of step 1 fails, stop and do not continue. Check network connection and engage Support if assistance is required.
- Once the above steps work correctly, Use the following commands to fix the issue.
-
Panorama(primary-active)> delete license key *key -
Panorama(primary-active)> request license fetch
Please ensure that TCP ports "444" and "80" are permitted on any filtering devices between Panorama and the Internet.
-
Panorama(primary-active)> request plugins cloud_services panorama-certificate delete -
Panorama(primary-active)>request plugins cloud_services panorama-certificate fetch debug yes otp yyyy -
Verify the Panorama status again by navigating to GUI: Panorama > Cloud Services > Status, and ensure it displays green.