What is the meaning of aged out for session end reason ?

What is the meaning of aged out for session end reason ?

42399
Created On 10/15/19 02:46 AM - Last Modified 02/17/25 09:22 AM


Question


What is the meaning of aged out for session end reason? 

> show log traffic session-end-reason equal aged-out 

Time                App             From                            Src Port          Source
Rule                Action          To                              Dst Port          Destination
                    Src User        Dst User                        End Reason
====================================================================================================
2018/11/03 18:40:15 ping            L3-Trust                        0                 10.0.8.20
Wide Open           allow           L3-Trust                        0                 1.1.1.2
                                                                    aged-out

Environment


  • Palo Alto Firewalls
  • Session details

Answer


  1. Aged out session end reason occurs when a session closes due to aging out.
  2. For UDP Traffic like Dns traffic is normal to seeing the aged out and it is a normal way for UDP session to end.

User-added image

  1. For the TCP sessions Age out occurs when a session ages out due to timeout.
  2. For example if user tries to connect to a server and user is waiting for a response / ack / syn-ack. If the tcp handshake is not established, it times out or firewall did not receive enough packets to recognize the application and it gets timed out.

    User-added image
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PN02CAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail