This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About PozsonyiAttila
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About PozsonyiAttila
01-19-2023
14Posts
3Likes
0Solutions
Jan 19, 2023Last Visited
User
Activity
User
Profile
Latest posts by PozsonyiAttila
| Subject | Views | Posted |
|---|---|---|
| 492 | 11-28-2022 12:58 AM | |
| 567 | 11-25-2022 01:05 AM | |
| 667 | 11-22-2022 07:38 AM | |
| 583 | 03-28-2022 07:41 AM | |
| 624 | 03-16-2022 03:19 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 03-28-2022 07:41 AM | |
| 1 Like | 10-04-2021 06:48 AM | |
| 1 Like | 09-22-2021 05:51 AM |
User Badges
Community Statistics
| Member Since | 10-14-2020 05:56 AM |
| Date Last Visited | 01-19-2023 10:33 AM |
| Posts | 14 |
| Total Likes Received | 3 |
02-18-2022
01:05 AM
Update.
TAC informed me, they could reproduce the issue in their lab. It's not much, but it's another step towards the solution.
Regards
... View more
02-16-2022
04:02 AM
Thanks for the update, I keep that in mind. My issue turned out to be ISP related so PAN-OS isn't guilty! 🙂 What a strange coincidence that was! Very, very similar issue and we came to the same (wrong) conclusion... Regards Attila
... View more
02-15-2022
06:04 AM
Hey Guys! We're having a very similar issue on our 5220 (PAN-OS 10.1.4). The latency comes and goes. CPU / Memory usage is close to nothing, same goes for session utilization. However every few secs the flow_fpga_ingress_exception_err counter is rising. Delta says 50 more drops in a second, the next second 3000. There's a strange thing I noticed. We gather metrics with prometheus (nevermind the software), and monitoring IfHCOutOctets and IfHCinOctets via snmp. We both monitor the firewall interfaces, and the (Cisco) switch ports they're connected to. We're using the same formula for bandwith calculation and get massive differences. On the switchport we see the nightly backups consume the whole 1Gbit bandwith on our graphs, in the same time period the matching firewall interface shows only ~700 Mbit/sec. It's the two ends of the same wire! I'm not saying it's related to flow_fpga_ingress_exception_err but packet drops (a few thousand per few secs) could explain the difference between the two measured values.
... View more
02-13-2022
11:21 AM
Hey Guys!
Just wanted to let you know, TAC informed us that they escalated the issue to engineering. Let's hope the guys come up with a solution fast.
Regards
Attila
... View more
02-02-2022
06:28 AM
Thank you for your answer, I already tried 10.4.1-h2 and it did not solve the issue (all firewalls are on 10.1.4 also). It solved my other problem with dynamic device groups tough.. 🙂
Generating config on the bottom level device group then push & commit makes the said rule appear again.
The problem is when I modify something in the parent device group or in Shared policy then push & commit (thus generating and pushing config to all child device groups) the policies dissapear again.
I tried to remove the tag from device, push/commit then re-add it again as @PSCH suggested, but it didn't help.
It could be a workaround to push&commit for each child device group, but I have 60+ device groups under my parent DG, where I store most of my policies, so it's not for me. And again, modifing Shared policies will also trigger the problem.
I had a remote session with a TAC engineer, and he confirmed the problem, it's still under investigation.
Best regards
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
01-19-2023
10:33 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks