This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Monitor subinterfaces and get NetFlow statistics

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Monitor subinterfaces and get NetFlow statistics

Go to solution
MMCiobanu
L3 Networker

‎05-14-2014 04:21 PM

Hi,

We have a PA-5020 and configured a few AGG interfaces with subinterface; recently, we installed a SolarWinds NTA to get NetFlow statistics, but I am not able to get anything from this device.

I have created a profile and applied to the subinterface through which the Internet traffic goes, but it does not send any information to the NetFlow collector.

agg.JPG.jpg

Also, is there a way we can monitor the AGG and subinterfaces using SNMP?

We do manage the device with SNMP through the management interface and I can see the physical interfaces, but not the AGG and subinterfaces.

Thank you very much.

0 Likes Likes
20 REPLIES 20

Go to solution
MMCiobanu
L3 Networker
In response to pulukas

‎07-16-2014 03:08 PM

Thank you; on it, as well.

0 Likes Likes

Go to solution
MMCiobanu
L3 Networker

‎07-16-2014 03:09 PM

Thank you; voting as well.

Go to solution
SimonBlackler
L1 Bithead

‎07-17-2014 02:45 AM

So, according to our SE this feature isn't a priority and is currently not slated for any future release either. Smiley Sad

This could be because PAN can't trivially (or otherwise) implement it because of the underlying architecture rather than not recognising it'd be very useful.

The current alternative, which is a bit of a hack and a lot of extra work in my opinion, is to use the API - https://live.paloaltonetworks.com/docs/DOC-5781

We're going to try this as this insight is essential to a subinterface deployment like ours.

I'll check back with our experiences and findings.

p.s The more people who can make noise about these FR's the better. So, ring your SE today!

Go to solution
SabreAce33
L2 Linker

‎03-27-2015 08:44 AM

Just to confirm, netflow via aggregates/sub-interfaces is supported in 6.0/6.1, but SNMP is still not supported, correct?

0 Likes Likes

Go to solution
panos
L6 Presenter
In response to SabreAce33

‎03-08-2017 04:20 AM

Hi,

 

panos 7.0 guide

 

 

Untitled picture.png

0 Likes Likes

Go to solution
nextgenhappines
L4 Transporter
In response to panos

‎03-08-2017 07:11 AM

The SNMP counter for logical interface is reporting incorrect values,

 

This is what I got back from TAC,

 

For hardware interfaces (ethernet1/21 and ethernet1/22), we only populate ""Physical port counters read from MAC" in the SMNP MIB.

These are MAC counters at the physical interface level.

For logical interfaces (AE1), we only populate "Hardware interface counters read from CPU" in the SNMP MIB.

As we do not actually have a physical interface for AE1, the MAC counters at physical level are not applicable here. We will only look for the Hardware CPU counters here.

Because most of the packets never reach the CPU as they are offloaded, we don't see a significant increment in the Hardware CPU counters.

As the counters on the hardware interfaces and the logical interfaces use different types of counters, it is not appropriate to compare the values on HW interfaces and Logical interfaces.

 

 

 

0 Likes Likes
  • 10898 Views
  • 20 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks