Emails sending from PA are not working

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Emails sending from PA are not working

L3 Networker

Currently we are facing an issue with Emails which are not sent from palo alto firewall.

We have created a setting to send mail with reports but we are getting below error listed.

 

Connection to smtp.google.com 465 failed. Failure when receiving data from the peer

 

Please share any document related to this error and a recommendation for this.

Cheers.

4 REPLIES 4

Cyber Elite
Cyber Elite

@Vijaygvasan,

Generally speaking this simply means that your traffic is failing to send properly. Have you looking through your traffic logs or performed a packet capture to actually see if your allowing the traffic and your actually getting return traffic from Google? 

Can you share any related document for this to check.

 

Cheers

Hi

 

We have Gsuite with which palo alto need to communicate and the mail needs to recepient mail id.

I have checked with service route and changed the service route to internet line from management line for tshoot purpose.

I have tried both 25 and 465 in 10.0.1 panos yet no luck.

In traffic log 465 traffic are getting as incomplete yet the action was allow.

I have configured under device---> service profile --->email with smtp.gmail.com with port as 465 with no certificate profile---- Is it mandatory to provide a certificate profile?

I have given both username and password.

 

Please confirm me whether i need to configure the 15th  and 16th step from this document--- https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/configure-email-alerts to get mail on my mailbox

 

Cheers

Cyber Elite
Cyber Elite

@Vijaygvasan,

G-Suite accounts are different and I don't think smtp.google.com actually works these accounts. I believe that to set this up with a G-Suite account you'll want to go through and configure smtp relay services and use the smtp-relay.gmail.com. 

Personally I would highly recommend setting up a relay and something like PostFix internally to relay those messages locally through to Gmail. 

As for your question regarding step 15 and 16, without setting up one or the either you'll never get any emails from your firewall. It's a good idea to configure both to meet best practices, but you could also just use this email profile for scheduled reports, so again whether or not you configure those steps is up to you. 

  • 4423 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!