Can I check if a connection was dropped by the firewall?

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can I check if a connection was dropped by the firewall?

Not applicable

I frequently have people coming to me asking if I can check if a connection is dropped on the firewall.

Allow me to give you an example:

We have a trunk setup between a cisco callmanager and one from Alcatel. All traffic between the 2 systems flows through the Palo Alto's.

When someone calls from a phone connected to the Alcatel callmanager and calls another user on a phone connected to the cisco callmanager, the call is disconnected exactly after 40 minutes, every single time.

Question is, is there a way for me to show that this connection is or is not dropped by the firewall?

I know I can change the default timeouts for the apps but this is not what I'm looking for.

I also have another issue with an rsh connection where I have increased the default timeout in the appID but still any rsh session that s longer that 108 seconds gets dropped.

As long as I can't show that it is not the firewall, I'm stuck with a case of guilty till proven innocent 😞

I hope someone out there can shed some light on this.


L0 Member

I would do a 'sh session info' to confirm that all of your timeouts are set properly.

Then I would do a 'show log traffic action equal drop' and use the source or destination to see what the log is showing.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!