How to View/Clear Sessions

How to View/Clear Sessions

50467
Created On 09/25/18 20:34 PM - Last Updated 04/20/20 21:49 PM


Resolution

To list the active sessions on the firewall:

> show session all

 

------------------------------------------------------------------------------------------------------------------------------
ID/vsys   application     state   type flag   src[sport]/zone/proto (translated IP[port])
                                                                dst[dport]/zone (translated IP[port]
-------------------------------------------------------------------------------------------------------------------------------

129617/1  skype           ACTIVE  PRED        0.0.0.0[0]/corp-trust/6 (0.0.0.0[0])
                                                                 97.87.56.37[28775]/corp-untrust (97.87.56.37[28775])

114143/1  yahoo-voice   ACTIVE  FLOW      10.16.3.232[49259]/corp-trust/6 (10.16.3.232[49259])
                                                                 68.142.233.183[443]/corp-untrust (68.142.233.183[443])

6766/1

 

To clear a session by it's ID number:

> clear session ID 129617

session 129617 cleared

 

To clear all sessions:

> clear session all

 

To list the available filters when clearning sessions:

> clear session all filter


+ application        Application name
+ destination        destination IP address
+ destination-port   Destination port
+ destination-user   Destination user
+ from               From zone
+ nat                If session is NAT
+ nat-rule           Rule name
+ protocol           IP protocol value
+ proxy              session is decrypted
+ rule               Rule name
+ source             source IP address
+ source-port        Source port
+ source-user        Source user
+ state              flow state
+ to                 To zone
+ type               flow type
  <Enter>            Finish input

 

To clear sessions for a specific application:

> clear session all filter application skype

Sessions cleared

 

To clear sessions for a specific source or destination IP:

> clear session all filter source 192.168.51.71

Sessions cleared

 

> clear session all filter destination 8.8.8.8

Sessions cleared

 

Note: All commands to clear sessions will work the same on a single firewall or a pair of firewalls in High Availability (HA) configuration.

 

See also

How to Clear Sessions from the Session Monitor

 

owner: panagent



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhWCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language