About sraghunandan

sraghunandan · ‎07-01-2013

This script does the indexing of log databases, please open a case with support so that we can look into it to see why it causing the cpu to hike.

sraghunandan · ‎07-01-2013

Can you look at o/p for the following command :- > show system resources follow (press C it will o/p the entire path which is causing the cpu to go high) press 1 (will show the cpu details) press (shift + H) thread info

sraghunandan · ‎06-28-2013

Please navigate to Device tab-Setup-Services-Service route configuration and include the l3 interface from which you would like to pull up the update from. Something like the screenshot in the following doc:-https://live.paloaltonetworks.com/docs/DOC-4483

sraghunandan · ‎06-26-2013

For a workaround you can do the following:- login to the cli:- enable logging on putty. > set cli pager off > show log traffic start-time equal 2012/09/01@10:00:00 end-time equal 2012/09/03@10:00:00 this command would dump all the logs for that period.

sraghunandan · ‎06-26-2013

There is a bug open in 4.1 branch wrt to this even though the max lines are set to 1048576 sometimes only 60-65k lines would show up else browser would return Page cannot be displayed refer to the bug: 28222 fixed in 5.0.0

sraghunandan · ‎06-26-2013

Have you had a chance to look at this doc https://live.paloaltonetworks.com/docs/DOC-3664

sraghunandan · ‎06-24-2013

Have you had a chance to review this doc:- https://live.paloaltonetworks.com/docs/DOC-3601

sraghunandan · ‎06-24-2013

Also refer https://live.paloaltonetworks.com/docs/DOC-1071

sraghunandan · ‎06-20-2013

There is a feature request submitted for this (FR ID:1829) , please have your local SE vote for this feature request.

sraghunandan · ‎06-20-2013

Going by your description looks like the settings are correct 1. set the cluster id under advanced tab secondly under peer group set the peer as type client. So the PA is receiving the routes from its IBGP peers but not forwarding it out right. Anything unusual in less mp-log routed.log (press space to scroll down). Also if you click on More Runtime Stats--bgp--local rib---rib out under virtual routers .

sraghunandan · ‎06-07-2013

If you just have on 1 ingress(10G) and egress (10G ) you should be okay with 3 to 5G aggregate . But I would still recommend you to setup and monitor.

sraghunandan · ‎06-06-2013

Please navigate to Monitor tab and click on traffic. Now enter the following filter ( addr.src in userip ) Also if you could login into the cli using ssh, run the following command >show session all filter source (ip in question) and then look at the session i.e >show session id (id) for example:- admin@92-PA-3050> show session all -------------------------------------------------------------------------------- ID Application State Type Flag Src[Sport]/Zone/Proto (translated IP[P ort]) Vsys Dst[Dport]/Zone (translated IP[Port]) -------------------------------------------------------------------------------- 56478 telnet ACTIVE FLOW 192.168.192.217[35534]/trust-L3/6 (19 2.168.192.217[35534]) >show session id 56748 Session 56478 c2s flow: source: 192.168.192.217 [trust-L3] dst: 10.2.2.1 proto: 6 sport: 35534 dport: 23 state: ACTIVE type: FLOW src user: unknown dst user: unknown s2c flow: source: 10.2.2.1 [test] dst: 192.168.192.217 proto: 6 sport: 23 dport: 35534 state: ACTIVE type: FLOW src user: unknown dst user: unknown start time : Wed Jun 5 19:09:21 2013 timeout : 432000 sec time to live : 344073 sec total byte count(c2s) : 3028 total byte count(s2c) : 0 layer7 packet count(c2s) : 50 layer7 packet count(s2c) : 0 vsys : vsys1 application : telnet rule : rule1 session to be logged at end : True session in session ager : True session synced from HA peer : False layer7 processing : enabled URL filtering enabled : False session via syn-cookies : False session terminated on host : False session traverses tunnel : False captive portal session : False ingress interface : ethernet1/4 egress interface : ethernet1/7 session QoS rule : N/A (class 4)

sraghunandan · ‎06-06-2013

Hi Nick, I don't think that's possible.the only way out is an ipsec site to site tunnel .

sraghunandan · ‎06-06-2013

And also https://live.paloaltonetworks.com/docs/DOC-4139

sraghunandan · ‎06-06-2013

Please refer this document I think this is what you are looking for https://live.paloaltonetworks.com/docs/DOC-4078

Member Since	‎11-14-2011 01:08 PM
Date Last Visited	‎11-21-2025 03:03 PM
Posts	259
Total Likes Received	98

Online Status	Offline
Date Last Visited	‎11-21-2025 03:03 PM

About sraghunandan

Re: User-ID target limits for agentless User-ID

Re: User-ID target limits for agentless User-ID

Re: User-ID target limits for agentless User-ID

Re: Predefined syslog filters list please?

Re: Firewall management IP.

Re: Firewall management IP.

Re: Help with traffic reports... How can I do a report based on an ip range.

Re: Captive Portal Response Page

Re: VPN tunnels on a ubiquiti wireless connection

Re: User-ID Agent identifies local PC users so captive portal never kicks in?

Re: How Can I create custom application?

Re: Captive Portal Behavior

Re: Reset an interface to initial state of Not configured

Re: telnet with EBCDIC encoding

Re: pandb vs brightcloud experiences?

System Log monitoring via email?

How Do I Know if Traffic Is Hitting a Decryption Policy?

Re: 5.0.5 Management CPU?

Re: 5.0.5 Management CPU?

Re: How to update database, license through another interface ( not mgt)

Re: Problem exporting logs

Re: Problem exporting logs

Re: User-ID for Exchange Permission Issue

Re: Packet capture of specific Security Rule?

Re: application override

Re: Excel XLSX recognized as ZIP file

Re: Palo Alto as a route reflector

Re: Active/Active HA3 Link Bandwith

Re: Palo Alto blocking Wii game

Re: Can firewall act as VPN client?

Re: Can firewall act as VPN client?

Re: Can firewall act as VPN client?

Unlock your full community experience!

About sraghunandan