Recommendation for Network Troubleshooting Tools
It is useful to have a separate troubleshooting station to capture traffic or inject test packets in the virtualized environment. It can be helpful to build a fresh OS from scratch with common troubleshooting tools installed such as tcpdump, nmap, hping, traceroute, iperf, tcpedit, netcat, etc. This machine can then be powered down and converted to a template. Each time the tools are needed, the troubleshooting client (virtual machine) can be quickly deployed to the virtual switch(es) in question and used to isolate networking problems. When the testing is complete, the instance can simply be discarded and the template used again the next time it is required.
For performance related issues on the firewall, first check the
Dashboardfrom the firewall web interface. To view alerts or create a tech support or stats dump files navigate to
For information in the vSphere client go to
, select the VM-Series firewall instance and click the
VMs and Templates
Resources, check the statistics for consumed memory, CPU and storage. For resource history, click the
Performancetab and monitor resource consumption over time.
Troubleshoot ESXi Deployments
Troubleshoot ESXi Deployments Many of the troubleshooting steps for the VM-Series firewall are very similar to the hardware versions of PAN-OS. When problems occur, you ...
Deploy the Palo Alto Networks NGFW Service
Deploy the Palo Alto Networks NGFW Service Use the following steps to automate the process of deploying an instance of the VM-Series firewall for NSX-V ...
Device > Troubleshooting
Test connectivity and policy matches from the firewall or Panorama web interface. ...
Policy Match and Connectivity Tests from the Web Interface
Test the policy rule match and connectivity to network resources for running firewall configuration. ...
Upgrade a WildFire Appliance
Upgrade a WildFire Appliance Use the following workflow to upgrade the WildFire appliance operating system. If you want to upgrade an appliance that is part ...
Problems Activating PAN-DB
Problems Activating PAN-DB Use the following workflow to troubleshoot PAN-DB activation issues. Access the PAN-OS CLI . Verify whether PAN-DB has been activated by running ...
LLDP-V2-MIB.my Use the LLDP-V2-MIB to monitor Link Layer Discovery Protocol ( LLDP ) events. For example, you can check the lldpV2StatsRxPortFramesDiscardedTotal object to see the ...
PAN-ENTITY-EXT-MIB.my Use PAN-ENTITY-EXT-MIB.my in tandem with the ENTITY-MIB to monitor power usage for the physical components of a PA-7000 Series firewall (for example, fan trays, ...
Troubleshoot Connectivity to Network Resources
Test the running firewall configuration for connectivity to important network resources. ...