INC_RN_DNS_SERVER_UNREACHABLE_ALL_ PA_LOCATIONS
Focus
Focus
Prisma Access

INC_RN_DNS_SERVER_UNREACHABLE_ALL_ PA_LOCATIONS

Table of Contents

INC_RN_DNS_SERVER_UNREACHABLE_ALL_ PA_LOCATIONS

Learn about the INC_RN_DNS_SERVER_UNREACHABLE_ALL_PA_LOCATIONS incident.

Synopsis

Remote network DNS server <server IP address> is unreachable from all Prisma Access locations.
Incident Code—INC_RN_DNS_SERVER_UNREACHABLE_ALL_PA_LOCATIONS
Severity—Critical

Required License

AI-Powered ADEM

Details

Description
Raise condition
85% of instances cannot reach the DNS server for the last 12 minutes across all locations for the tenant.
Clear condition
Instances can reach the DNS server for the last 6 minutes for the tenant.

Correlated Alerts

  • AL_RN_DNS_SERVER_UNREACHABLE_ALL_PA_LOCATIONS
  • AL_RN_DNS_SERVER_UNREACHABLE_PER_PA_LOCATION

Remediation

  1. Identify the impact area by pinging a public DNS server and your private DNS server servicing this Prisma Access location. If this behavior affects the public DNS, contact Palo Alto Networks Customer Support Portal.
  2. If you see this behavior only on a private DNS, identify whether this DNS server is reachable from other Prisma Access locations or from another site within your on-premises infrastructure. If the server is reachable from other Prisma Access locations or on-premises, but not the impacted site, proceed to step 3.
  3. Collect traceroute data to help identify the network path for this Prisma Access location. Based on the traceroute, validate the IPSec tunnels for the target data center or branch.
  4. If the traceroute doesn't help you identify the stoppage, contact Palo Alto Networks Customer Support Portal.