Monitor > Logs > Traffic - App-ID 'ping' not logging from endpoints.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Monitor > Logs > Traffic - App-ID 'ping' not logging from endpoints.

L0 Member

Good day everyone and thank you in advance. 

 

Just to be sure I'm not losing my mind entirely - I thought I'd post up here and see if any veterans have any ideas.  I was troubleshooting something earlier today with a re-IP on some printers traversing the PA's up to our Data Center behind ASA's.  All was well with traversal, and the ASA's were gathering hitcounts, but the PA's were not registering any hits.  I began looking at monitoring live and also discovered 'ping' is no longer logging from end-point to (anything...server, endpoint, gateway's).  I can narrow to 'ping' or dst port '0' and see that plenty of ping action is coming through, but it appears to only be registering from "devices" that aren't endpoints.  IE: 

A ping from Desktop A to Server B does not register. 

A ping from Server B to Desktop A does not register.

A ping from Server C to Server D DOES register.

A ping from Server D to 8.8.8.8 DOES register.

 

I will warn you; I am only perhaps 6 months into the PA and I have been focused on data center migrations and clinical site migrations since I got this bad boy installed, so I'm just now staring my PCNSE studies and getting 'deeper' into the box on both CLI and everything else they have to offer, so perhaps I'm just missing something simple?  I have used the monitoring for endpoint pings in the past to ensure I'm passing traffic.  I don't know what happened, to be honest?   Thank you kindly for your time.  


--------------------------------------------------------------------------------------------------
If you don't know where you want to go, the direction you travel is irrelevant.
--------------------------------------------------------------------------------------------------
1 REPLY 1

Community Team Member

Hi @jesseleiker ,

 

That does seem odd ... I can't see why it shouldn't log this traffic if the traffic is indeed traversing the FW and if you have a policy rule in place that's actually logging this traffic.

 

Might sounds too simple but you have a policy rule in place that will log this ping traffic from your endpoints ? Any other traffic from these endpoints that is being logged correctly ?

 

Cheers,

-Kiwi.

 

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
  • 2848 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!