10-06-2021 09:03 AM
Hello,
i want to do a packet capture on a VM interface using Network Watcher for some traffic on our VM-300 series NGFW but our CSP advises this is not possible. The extensions section in Azure seems to confirm this.
can anyone advise if this feature is available? we are having issues with a flow of traffic not being received at the far end but the PA is saying it is sending it, i need to do a capture outside of the PA to see if the traffic is definately being sent.
thanks
11-04-2021 11:24 PM
Thank you for posting question @RyanJohnstone1144
I was researching this and eventually ended up with opening a ticket to Microsoft to get definitive answer. The answer is: unfortunately it is not possible and at least at this moment there is no other alternative way capture traffic. I am sure you are aware of data plane packet capture in Firewall: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClTJCA0 If you requirement is to confirm that traffic is egressing an interface, potentially this might be up to the job.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
