Some time is necessary to find out MAC address of interface on firewall to troubleshoot connectivity.
On Palo Alto firewall log in to CLI and issue command:
admin@PA-200> show interface all
--------------------------------------------------------------------------------
ethernet1/1 16 1000/full/up 00:1b:17:00:01:10
ethernet1/2 17 ukn/ukn/down(power-down) 00:1b:17:00:01:11
ethernet1/3 18 1000/full/up 00:1b:17:00:01:12
ethernet1/4 19 ukn/ukn/down(autoneg) 00:1b:17:00:01:13
ethernet1/7 22 1000/full/up 00:1b:17:dc:b5:16
ethernet1/8 23 1000/full/up 00:1b:17:dc:b5:17
vlan 1 [n/a]/[n/a]/up 00:1b:17:00:01:01
loopback 3 [n/a]/[n/a]/up 00:1b:17:00:01:03
tunnel 4 [n/a]/[n/a]/up 00:1b:17:00:01:04