Firewall fails send out syslog using TCP after upgrading to PAN-OS 10.2.0

Firewall fails send out syslog using TCP after upgrading to PAN-OS 10.2.0

1506
Created On 01/13/23 21:14 PM - Last Modified 07/16/25 21:18 PM


Symptom


  • Syslog over TCP not working after upgrading to 10.2.0.
  • Port 5555 (TCP), 5556 (TCP) configured for TCP , cannot see any traffic for these ports.
  • Syslog over UDP working using port 1514. the session created from the FW and the logs in the syslog server.
  • Syslog over TCP from the management interface  also doesn't work.

Environment


  • PAN-OS 10.2.0
  • Syslog using TCP

Resolution


  1. The issue is addressed under PAN-185616.
  2. Upgrading to the fixed PAN-OS versions 10.2.1 or later will fix the issue.
  3. For 10.1.x release it is fixed in 10.1.6 version.
  4. As a workaround, use syslog over UDP port 514

Additional Information


16 June 25 (Vijay) - Channel Status corrected.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kGG3CAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail